727 matches found
PHPFusion <= v6.00.306 avatar mod_mime arbitrary file upload & local inclusion vulnerabilities
!/usr/bin/php -q -d shortopentag=on ? echo "PHPFusion = v6.00.306 avatar modmime arbitrary file upload &rn"; echo "local inclusion vulnerabilitiesrn"; echo "by rgod [email protected]"; echo "site: http://retrogod.altervista.orgrnrn"; if $argc6 echo "Usage: php ".$argv0." host path user pass cm...
Invision Power Board 2.x.x < 04-25-06 Multiple Vulnerabilities
The installation of Invision Power Board on the remote host fails to sanitize input to the 'ck' parameter of the 'index.php' script before using it in database queries. An unauthenticated attacker may be able to leverage this issue to disclose sensitive information, modify data, or launch attacks...
Sql injection
SQL injection vulnerability in portfoliophotopopup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the countclick function in includes/functions/fnsstd.php. NOTE: this issue could...
CVE-2006-2080
SQL injection vulnerability in portfoliophotopopup.php in Verosky Media Instant Photo Gallery 1.0.2 allows remote attackers to execute arbitrary SQL commands via the id parameter, which is not cleansed before calling the countclick function in includes/functions/fnsstd.php. NOTE: this issue could...
CVE-2006-1794
SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via 1 the $username variable in the mosGetParam function and 2 the $task parameter in the mosMenuCheck function in a includes/mambo.php; and 3 the $filter...
Sql injection
SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via 1 the $username variable in the mosGetParam function and 2 the $task parameter in the mosMenuCheck function in a includes/mambo.php; and 3 the $filter...
PT-2006-2671 · Maxdev · Maxdev Md-Pro
Name of the Vulnerable Software and Affected Versions: MAXdev MDPro versions prior to 1.076 Description: The issue allows remote attackers to obtain the full path of the server via a direct request to "includes/legacy.php". Recommendations: For versions prior to 1.076, consider restricting access...
CVE-2006-1602
CVE-2006-1602 describes a PHP remote file inclusion in includes/functions_common.php within the VWar Account module (vWar_Account) of PHPNuke Clan 3.0.1. The vulnerability allows remote attackers to include arbitrary files via a URL supplied to the vwar_root2 parameter. The issue is scoped to the...
The Includer remote command execution flaw
The remote web server contains a PHP script that is affected by a remote code execution vulnerability. The remote host is running The Includer, a PHP script for emulating server-side includes. The version of The Includer installed on the remote host allows an attacker to execute arbitrary shell...
CVE-2006-1104
Pixelpost
LoudBlog 0.41 - index.php?template Traversal Arbitrary File Access
LoudBlog 0.41 - index.php?template Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure...
DEBIAN-CVE-2006-0986
WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 default-filters.php, 2 template-loader.php, 3 rss-functions.php, 4 locale.php, 5 wp-db.php, and 6 kses.php in the wp-includes/ directory; and 7 edit-form-advanced.php, 8...
CVE-2006-0986
WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 default-filters.php, 2 template-loader.php, 3 rss-functions.php, 4 locale.php, 5 wp-db.php, and 6 kses.php in the wp-includes/ directory; and 7 edit-form-advanced.php, 8...
Directory traversal
WordPress 2.0.1 and earlier allows remote attackers to obtain sensitive information via a direct request to 1 default-filters.php, 2 template-loader.php, 3 rss-functions.php, 4 locale.php, 5 wp-db.php, and 6 kses.php in the wp-includes/ directory; and 7 edit-form-advanced.php, 8...
CVE-2006-0697
Zen Cart before 1.2.7 is affected by CVE-2006-0697 due to insufficient protection of the admin/includes directory. The vulnerability, described in the NVD entry, allows remote attackers to trigger unknown impact via unspecified vectors (likely direct requests) with a CVSS v2 base score of 10.0 (H...
Etomite CMS "Backdoored"
/ Package: Etomite Content Management System Auth: http://www.etomite.org/ Versions: 0.6 / previous versions may also be backdoored Vulnerability Type: Remote Code Execution / Disclaimer: --------- The information is provided "as is" without warranty of any kind. The author of this issue shall no...
Уязвимость в Randshop <V1_1
Здравствуйте, vuln. Извиняйте за ошибки и неточности описаний еще не писал никогда. Из-того что сам обнаружил, дыру уже закрыли.- после 2 недельной переписки и убеждения что дыры все же есть В randshop v11 и ниже Множественные php-инклуды http://host/admin/zahlungsart/index.php?dateiPfad...
CubeCart 3.0.6 - Remote Command Execution
CubeCart 3.0.6 - Remote Command Execution !/usr/bin/perl cijfer-ccxpl - CubeCart All rights reserved. 1. example cijfer@kalma:/research$ perl ./cijfer-ccxpl.pl -h www.xxx.com -d [email protected] /$ id;uname -a uid=48apache gid=48apache groups=48apache,2523psaserv Linux server.xxx.com...
CVE-2005-3997
Zen Cart 1.2.6d and earlier, under certain PHP configurations, allows remote attackers to obtain sensitive information via direct requests to files in the admin/includes directory, including 1 graphs/bannerdaily.php, 2 graphs/bannerinfobox.php, 3 graphs/banneryearly.php, 4 graphs/bannermonthly.ph...
vBulletin Init.PHP unspecified vulnerability
The remote host is running vBulletin, a web based bulletin board system written in PHP. The remote version of this software is vulnerable to an unspecified issue. It is reported that versions 3.0.0 through to 3.0.4 are prone to a security flaw in 'includes/init.php'. Successful exploitation...