723 matches found
CVE-2007-6082
Direct static code injection vulnerability in acp/savenews.php in Sciurus Hosting Panel, possibly 2.0.3, allows remote attackers to inject arbitrary PHP code via the filecontents parameter, which can be executed by accessing includes/news.php...
GuppY Includes.Inc远程文件包含漏洞
GuppY是一款基于PHP的WEB应用程序。 GuppY不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于'Includes.Inc'脚本对用户提交的WEB参数缺少过滤,指定远程服务器上的任意文件作为包含参数,可导致以WEB权限执行任意PHP代码。 GuppY 4.6.3 目前没有详细解决方案提供: http://www.freeguppy.org/ http://www.example.com/path/index.php?selskin=..%2Finc%2Fboxleft.inc%00&xposboxL=RFI...
Remote file inclusion
PHP remote file inclusion vulnerability in includes/functions.php in phpSCMS 0.0.1-Alpha1 allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter. NOTE: this issue is disputed by CVE because the identified code is in a function that is not accessible via direct reques...
PT-2007-6587 · Php · Sphpblog
Name of the Vulnerable Software and Affected Versions: PHPBlog version 0.1 Alpha Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the blog localpath parameter to includes/functions.php or includes/email.php. However, it is noted that this issue is disputed...
PT-2007-6586 · Phpcms · Phpscms
Name of the Vulnerable Software and Affected Versions: phpSCMS versions 0.0.1-Alpha1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the dir parameter in the includes/functions.php file. This is a remote file inclusion issue. Note that the identified code...
Remote file inclusion
PHP remote file inclusion vulnerability in htmls/forum/includes/topicreview.php in UniversiBO 1.3.4 allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter. NOTE: this issue is disputed by CVE because the applicable include is in a function that is not calle...
PT-2007-6256 · Nexty · Nexty
Name of the Vulnerable Software and Affected Versions: Nexty version 1.01.A Beta Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the rel parameter in the includes/functions/layout.php file. This is disputed because the applicable include is in a function...
FrontAccounting 1.13 Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ========================================================== FrontAccounting 1.13 Remote File Inclusion Vulnerabilities ========================================================== ?????????? ??????????????? ???????????????????...
FrontAccounting 1.12 Build 31 Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ================================================================= FrontAccounting 1.12 Build 31 Remote File Inclusion Vulnerability ================================================================= ?????????? ???????????????...
FrontAccounting 1.12 build 31 - Remote File Inclusion
FrontAccounting 1.12 build 31 - Remote File Inclusion ?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ?????????????????????????????????????...
FrontAccounting 1.12 build 31 - Remote File Inclusion
?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ????????????????????????????????????? ???????????????????????????????????????...
joomla-sql.txt
Hello Joomla multiple vulerabilities Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Affected Versions 1.0.X - tested on 1.0.12 and 1.5 maybe affected - not tested but probebly affected sql injection...
paFileDB 3.6 - 'search.php' SQL Injection
Site: http://www.phparena.net/pafiledb Description: SQL injection categories in includes/search.php Code: $results = $db-GetArray"SELECT FROM ".$dbPrefix."files WHERE ".$searchin." AND filecatid IN ".implode',',$POST'categories'.""; Comment:"ouuch" SQL: UNION SELECT ALL...
CVE-2007-3639
WordPress before 2.2.2 allows remote attackers to redirect visitors to other websites and potentially obtain sensitive information via 1 the wphttpreferer parameter to wp-pass.php, related to the wpgetreferer function in wp-includes/functions.php; and possibly other vectors related to 2...
avarcade-sql.txt
Web: AV Arcade 2.1b Site : www.avscripts.net Dork : "Powered By AV Arcade" Author: Kw3rLn tehlostbyteatYaHoOd0tCom Romanian Security Team Ethical Hacking - hTTp://RSTZONE.nET Description: SQL injection in $id of includes/viewpage.php Exploit:...
YourFreeScreamer 1.0 (serverPath) Remote File Inclusion Vulnerability
No description provided by source. /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Title : YourFreeScreamer 1.0 Remote File 脛掳nclude Author : CrackersChild Contact : [email protected] Bug : in...
yfs-rfi.txt
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Title : YourFreeScreamer 1.0 Remote File İnclude Author : CrackersChild Contact : [email protected] Bug : in bodyTemplate.php " " Down :...
YourFreeScreamer 1.0 (serverPath) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications ===================================================================== YourFreeScreamer 1.0 serverPath Remote File Inclusion Vulnerability =====================================================================...
YourFreeScreamer 1.0 - serverPath Remote File Inclusion
YourFreeScreamer 1.0 - serverPath Remote File Inclusion /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Title : YourFreeScreamer 1.0 Remote File Ä°nclude Author : CrackersChild Contact : [email protected]...
YourFreeScreamer 1.0 - 'serverPath' Remote File Inclusion
/////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// Title : YourFreeScreamer 1.0 Remote File Ä°nclude Author : CrackersChild Contact : [email protected] Bug : in bodyTemplate.php " " Down :...