Lucene search
+L

142 matches found

zdt
zdt
added 2013/11/05 12:0 a.m.29 views

ISPConfig 3.0.5.* 6 SQL injection Vulnerability

Just login as client or admin : and execute your SQL code. This is private exploit. You can buy it at https://0day.today...

7.8AI score
Exploits0
zdt
zdt
added 2013/10/31 12:0 a.m.72 views

ISPConfig Authenticated Arbitrary PHP Code Execution Vulnerability

ISPConfig allows an authenticated administrator to export language settings into a PHP script which is intended to be reuploaded later to restore language settings. This feature can be abused to run arbitrary PHP code remotely on the ISPConfig server. This Metasploit module was tested against...

8.8AI score0.43103EPSS
Exploits5
exploitdb
exploitdb
added 2013/10/31 12:0 a.m.25 views

ISPConfig - (Authenticated) Arbitrary PHP Code Execution (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'ISPConfig Authenticated Arbitrary PHP Code Execution', 'Description' = %q ISPConfig allows an authenticated administrator to export...

8.8CVSS7.4AI score0.43103EPSS
Exploits5
metasploit
metasploit
added 2013/10/30 3:25 p.m.87 views

ISPConfig Authenticated Arbitrary PHP Code Execution

ISPConfig allows an authenticated administrator to export language settings into a PHP script which is intended to be reuploaded later to restore language settings. This feature can be abused to run aribitrary PHP code remotely on the ISPConfig server. This module was tested against version...

8.8CVSS0.7AI score0.43103EPSS
Exploits5
packetstorm
packetstorm
added 2013/10/30 12:0 a.m.32 views

ISPConfig Authenticated Arbitrary PHP Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 'ISPConfig Authenticated Arbitrary PHP Code Execution', 'Description' = %q ISPConfig allows an authenticated administrator to export...

0.6AI score0.43103EPSS
Exploits5
packetstorm
packetstorm
added 2011/07/19 12:0 a.m.23 views

ISPConfig Script SQL Injection

Exploit Title: ISPConfig Script SQL Injection Vulnerability Google Dork: intext:Powered by ISPConfig Date: 18/07/2011 Author: HeRoTuRK Demo : http://www.isodec.org.gh/ Tested on: Windows 7 Greetz; F0RTYS3V3N - Lazmania61 - BlackApple - JackTheRipper - System-Hacker...

0.1AI score
Exploits0
nvd
nvd
added 2006/06/15 10:2 a.m.15 views

CVE-2006-3042

Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 goinfoispclassesroot parameter in a server.inc.php, and the 2 goinfoserverclassesroot parameter in b app.inc.php, c login.php, and d trylogin.php. NOTE: th...

7.5CVSS7.7AI score0.02875EPSS
Exploits1References5
cve
cve
added 2006/06/15 10:0 a.m.59 views

CVE-2006-3042

CVE-2006-3042 concerns ISPConfig 2.2.3, with multiple PHP remote file inclusion vulnerabilities. An attacker could craft a URL to trigger inclusion via the go_info[isp][classes_root] parameter in server.inc.php or the go_info[server][classes_root] parameter in app.inc.php, login.php, or trylogin....

7.5CVSS8.1AI score0.02875EPSS
Exploits1References5Affected Software1
cvelist
cvelist
added 2006/06/15 10:0 a.m.18 views

CVE-2006-3042

Multiple PHP remote file inclusion vulnerabilities in ISPConfig 2.2.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 goinfoispclassesroot parameter in a server.inc.php, and the 2 goinfoserverclassesroot parameter in b app.inc.php, c login.php, and d trylogin.php. NOTE: th...

7.7AI score0.02875EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2006/06/15 12:0 a.m.10 views

PT-2006-3947 · Ispconfig · Ispconfig

Name of the Vulnerable Software and Affected Versions: ISPConfig version 2.2.3 Description: Multiple PHP remote file inclusion issues allow remote attackers to execute arbitrary PHP code via a URL in the go infoispclasses root parameter in server.inc.php, and the go infoserverclasses root paramet...

7.5CVSS8AI score0.02875EPSS
Exploits1References9
securityvulns
securityvulns
added 2006/06/15 12:0 a.m.45 views

[FSA016] ISPConfig 2.2.3, File inclusion vulnerability

----------------------------------------------------- Advisory id: FSA:016 Author: Federico Fazzi Date: 14/06/2006, 18:57 Sinthesis: ISPConfig 2.2.3, File inclusion vulnerability Type: high Product: http://www.ispconfig.org/ Patch: unavailable -----------------------------------------------------...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2006/06/14 12:0 a.m.14 views

ISPConfig 2.2.3 - Multiple Remote File Inclusions

ISPConfig 2.2.3 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18441/info ISPConfig is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these...

7.5AI score
Exploits0
exploitdb
exploitdb
added 2006/06/14 12:0 a.m.33 views

ISPConfig 2.2.3 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/18441/info ISPConfig is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

7.4AI score
Exploits0
prion
prion
added 2006/05/12 12:2 a.m.17 views

Remote file inclusion

DISPUTED PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under t...

7.5CVSS7.8AI score0.04828EPSS
Exploits1References10Affected Software1
nvd
nvd
added 2006/05/12 12:2 a.m.13 views

CVE-2006-2315

PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web ro...

7.5CVSS7.6AI score0.04828EPSS
Exploits1References10
cve
cve
added 2006/05/12 12:0 a.m.53 views

CVE-2006-2315

ISPConfig 2.2.2 and earlier is listed as vulnerable to a PHP remote file inclusion via the go_info[server][classes_root] parameter in session.inc.php. The underlying issue is aRemote file inclusion that could allow execution of arbitrary PHP code. However, vendor dispute notes that session.inc.ph...

7.5CVSS7.6AI score0.04828EPSS
Exploits1References10Affected Software1
cvelist
cvelist
added 2006/05/12 12:0 a.m.19 views

CVE-2006-2315

PHP remote file inclusion vulnerability in session.inc.php in ISPConfig 2.2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the goinfoserverclassesroot parameter. NOTE: the vendor has disputed this vulnerability, saying that session.inc.php is not under the web ro...

7.6AI score0.04828EPSS
Exploits1References10
ptsecurity
ptsecurity
added 2006/05/12 12:0 a.m.10 views

PT-2006-3280 · Ispconfig · Ispconfig

Name of the Vulnerable Software and Affected Versions: ISPConfig versions 2.2.2 and earlier Description: A remote file inclusion issue allows attackers to execute arbitrary PHP code via a URL in the go infoserverclasses root parameter. The vendor has disputed this issue, stating that the affected...

7.5CVSS8AI score0.04828EPSS
Exploits1References14
packetstorm
packetstorm
added 2006/05/09 12:0 a.m.24 views

ISPConfig.txt

======================================================================================= XOR Crew :: Security Advisory 5/6/2006 ======================================================================================= ISPConfig = 2.2.2 - Remote Command Execution Vulnerability...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2006/05/09 12:0 a.m.9 views

ISPConfig 2.2.22.2.3 - Session.INC.php Remote File Inclusion

ISPConfig 2.2.22.2.3 - Session.INC.php Remote File Inclusion source: https://www.securityfocus.com/bid/17909/info ISPConfig is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this iss...

7.5AI score
Exploits0
Rows per page
Query Builder