EUVD-2007-1784

Malware in sbrugna...

Kaqoo Auction Install_Root远程文件包含漏洞

Kaqoo Auction是一款基于PHP的WEB应用程序。 Kaqoo Auction不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的WEB参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 Kaqoo Auction 目前没有解决方案提供： http://kaqoo.com/ http://www.example.com/include/core/support.inc.php?installroot=Shell...

CVE-2007-1790

Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the installroot parameter to 1 support.inc.php, 2 function.inc.php, 3 rdalobject.inc.php, 4 rdaleditor.inc.php. 5 login.inc.php, 6...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the installroot parameter to 1 support.inc.php, 2 function.inc.php, 3 rdalobject.inc.php, 4 rdaleditor.inc.php. 5 login.inc.php, 6...

CVE-2007-1790

Multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition allow remote attackers to execute arbitrary PHP code via a URL in the installroot parameter to 1 support.inc.php, 2 function.inc.php, 3 rdalobject.inc.php, 4 rdaleditor.inc.php. 5 login.inc.php, 6...

CVE-2007-1790

CVE-2007-1790 describes multiple PHP remote file inclusion vulnerabilities in Kaqoo Auction Software Free Edition. An attacker can exploit the install_root parameter to load arbitrary files via URLs in a long list of include paths (including core, display, and root include directories), potential...

Kaqoo Auction (install_root) Multiple Remote File Include Vulnerabilities

No description provided by source. To ConTacT mE @ www.Asb-May.net/bb ScRiPt:-http://kaqoo.com/server/download.php GrEaTz To:-ToOofa-HaCk.eGy-Alkmadz-Bright Dark All AsB-MaY DisCoverY ExPloIts GrOup Discovered By:- ThE dE@Th Wrong Code:- includeonce"$installroot...

Kaqoo Auction (install_root) Multiple Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ========================================================================= Kaqoo Auction installroot Multiple Remote File Include Vulnerabilities =========================================================================...

Kaqoo Auction - install_root Multiple Remote File Inclusions

Kaqoo Auction - installroot Multiple Remote File Inclusions To ConTacT mE @ www.Asb-May.net/bb ScRiPt:-http://kaqoo.com/server/download.php GrEaTz To:-ToOofa-HaCk.eGy-Alkmadz-Bright Dark All AsB-MaY DisCoverY ExPloIts GrOup Discovered By:- ThE dE@Th Wrong Code:- includeonce"$installroot...