FireAnt 1.3 (index.php page) Local File Inclusion Vulnerability

No description provided by source. Name : FireAnt v1.3 Local File Inclusion Vulnerability Author : cOndemned Dork : use Your brain : Greetz : ZaBeaTy, str0ke, GregStar, irk4z, Sandtalker & Avantura ; Source : // index.php 8. $page = "buglist"; //default page 9. if !empty$GET'page' 10. $page =...

saforum 注射漏洞

saforum是国内安全研究人员修改过的saforum论坛,但是代码中有一点瑕疵导致可能被获取管理员权限: \include\common.php 行4149引入没有过滤的变量 ------cut----------------- ifgetenv'HTTPCLIENTIP' $onlineip = getenv'HTTPCLIENTIP'; elseifgetenv'HTTPXFORWARDEDFOR' $onlineip = getenv'HTTPXFORWARDEDFOR'; elseifgetenv'REMOTEADDR' $onlineip =...

Gallery 1.4 - index.php Remote File Inclusion

Gallery 1.4 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/8814/info It has been reported that Gallery is prone to a remote file include vulnerability in the index.php script file. The problem occurs due to the program failing to verify the location in which it includ...

EZ Publish 2.2 - index.php IMG Tag Cross-Site Scripting

EZ Publish 2.2 - index.php IMG Tag Cross-Site Scripting source: https://www.securityfocus.com/bid/7616/info A cross-site scripting vulnerability has been reported for eZ publish. Specifically, eZ publish does not sufficiently sanitize user-supplied input supplied to the 'index.php' script. This m...

CVE-2002-2084

Directory traversal vulnerability in index.php of Portix 0.4.02 allows remote attackers to read arbitrary files via a .. dot dot in the 1 l and 2 topic parameters...

Web Server Creator Web Portal 0.1 - Remote File Inclusion

Web Server Creator Web Portal 0.1 - Remote File Inclusion source: https://www.securityfocus.com/bid/6251/info The Web Server Creator Web Portal is prone to an issue which may allow attackers to include arbitrary files from a remote server. It is possible for remote attackers to influence the...