30 matches found
EUVD-2009-2620
Malware in sbrugna...
K13231: PHP vulnerability CVE-2009-2626
Security Advisory Description In PHP 5.3.0 and PHP 5.2.10 and earlier, the zendrestoreinientrycb function in zendini.c allows context-specific attackers to obtain sensitive information memory contents and causes PHP to fail by using the iniset function to declare a variable, and then using the...
SUSE CVE-2007-5900
PHP before 5.2.5 allows local users to bypass protection mechanisms configured through phpadminvalue or phpadminflag in httpd.conf by using iniset to modify arbitrary configuration variables, a different issue than CVE-2006-4625...
Joomla SIGE 3.4.1-FREE / 3.5.3-PRO RFI / Cross Site Scripting
Title: SIGE - Simple Image Gallery Extended joomla extension 3.4.1-FREE / 3.5.3-PRO - Multi Vulnerability Remote File Inclusion RFI & Cross Site Scripting XSS date: 2020-11-11 Vendor Homepage: https://kubik-rubik.de/ Software Link: https://kubik-rubik.de/sige-simple-image-gallery-extended Softwar...
SimplePHPGal 0.7 - Remote File Inclusion Vulnerability
Exploit for php platform in category web applications Title: SimplePHPGal 0.7 - Remote File Inclusion Author: h4shur Vendor Homepage: https://johncaruso.ca Software Link: https://johncaruso.ca/phpGallery/ Software Link: https://sourceforge.net/projects/simplephpgal/ Tested on: Windows 10 & Google...
SimplePHPGal 0.7 Remote File Inclusion
Title: SimplePHPGal 0.7 - Remote File Inclusion Author: h4shur date:2020-05-05 Vendor Homepage: https://johncaruso.ca Software Link: https://johncaruso.ca/phpGallery/ Software Link: https://sourceforge.net/projects/simplephpgal/ Tested on: Windows 10 & Google Chrome Category : Web Application Bug...
SimplePHPGal 0.7 - Remote File Inclusion
Title: SimplePHPGal 0.7 - Remote File Inclusion Author: h4shur date:2020-05-05 Vendor Homepage: https://johncaruso.ca Software Link: https://johncaruso.ca/phpGallery/ Software Link: https://sourceforge.net/projects/simplephpgal/ Tested on: Windows 10 & Google Chrome Category : Web Application Bug...
Verlihub Control Panel <= 1.7.x Local File Inclusion Vulnerability
No description provided by source. Verlihub Control Panel v 1.7 PHP 4.x Local File Inclusion http://vhcp.verlihub- project.org/ Bug Found By Methodman From TEAMELITE - dchub.nemesis.te-home.net:4120 Bug: Line: 27 - inisetmagicquotesgpc,1; ............................ Line: 71 - $pagename =...
SOL13231 - PHP vulnerability CVE-2009-2626
In PHP 5.3.0 and PHP 5.2.10 and earlier, the zendrestoreinientrycb function in zendini.c allows context-specific attackers to obtain sensitive information memory contents and causes PHP to fail by using the iniset function to declare a variable, and then using the inirestore function to restore t...
Mandriva Linux Security Advisory : php (MDVSA-2010:008)
Multiple vulnerabilities has been found and corrected in php : The zendrestoreinientrycb function in zendini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information memory contents and cause a PHP crash by using the iniset function to declare...
Information disclosure
The zendrestoreinientrycb function in zendini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information memory contents and cause a PHP crash by using the iniset function to declare a variable, then using the inirestore function to restore the...
CVE-2009-2626
The zendrestoreinientrycb function in zendini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information memory contents and cause a PHP crash by using the iniset function to declare a variable, then using the inirestore function to restore the...
CVE-2009-2626
The zendrestoreinientrycb function in zendini.c in PHP 5.3.0, 5.2.10, and earlier versions allows context-specific attackers to obtain sensitive information memory contents and cause a PHP crash by using the iniset function to declare a variable, then using the inirestore function to restore the...
cpCommerce 1.2.x File Inclusion
!/usr/bin/perl cpCommerce 1.2.x GLOBALSprefix Arbitrary File Inclusion Exploit by staker mail: stakerathotmaildotit url: http://cpcommerce.cpradio.org it works with registerglobals=on if you wanna carry out a LFI - mq=off short explanation: cpCommerce contains one flaw that allows an attacker to...
cpCommerce 1.2.x GLOBALS[prefix] Arbitrary File Inclusion Exploit
Exploit for unknown platform in category web applications ================================================================= cpCommerce 1.2.x GLOBALSprefix Arbitrary File Inclusion Exploit ================================================================= !/usr/bin/perl cpCommerce 1.2.x GLOBALSpref...
Joomla! Component com_digistore - 'pid' Blind SQL Injection
1 $url = $argv1; $r = strlenfilegetcontents$url."+and+1=1--"; echo "\nExploiting:\n"; $w = strlenfilegetcontents$url."+and+1=0--"; $t = abs100-$w/$r100; echo "Username: "; for $i=1; $i $t-1 $count = $i; $i = 30; for $j = 1; $j $t-1 $laenge = strlen...
PHP safe_mode protection bypass
It's possible to bypass protection with iniset"errorlog", "/hack/";...
PHP 5.2.6 (error_log) safe_mode Bypass Vulnerability
No description provided by source. SecurityReason.com PHP 5.2.6 errorlog safemode bypass Author: Maksymilian Arciemowicz cXIb8O3 securityreason.com Date: - - Written: 10.11.2008 - - Public: 20.11.2008 SecurityReason Research SecurityAlert Id: 57 CWE: CWE-264 SecurityRisk: Medium Affected Software...
Fedora 9 : phpMyAdmin-2.11.9.1-1.fc9 (2008-8370)
This update by upstream to phpMyAdmin 2.11.9.1 solves a not yet clearly specified code execution vulnerability. - auth Links to version number on login screen - core PMA does not start if iniset is disabled - bookmarks Saved queries greater than 1000 chars not displayed - export Export type...
PHP set_time_limit limitation bypass
It's possible to use iniset"maxexecutiontime", 90000000; in safe mode instead of settimelimit...