7 matches found
EUVD-2006-7098
Malware in sbrugna...
EUVD-2006-7099
Malware in sbrugna...
CVE-2006-7116
SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the memberid parameter $id variable to index.php...
CVE-2006-7116
SQL injection vulnerability in includes/functions.php in Kubix 0.7 and earlier allows remote attackers to execute arbitrary SQL commands and bypass authentication via the memberid parameter $id variable to index.php...
CVE-2006-7117
Multiple directory traversal vulnerabilities in Kubix 0.7 and earlier allow remote attackers to 1 include and execute arbitrary local files via ".." sequences in the theme cookie to index.php, which is not properly handled by includes/head.php; and 2 read arbitrary files via ".." sequences in the...
CVE-2006-7116
Kubix 0.7 and earlier are affected by a SQL injection in includes/functions.php. The vulnerability is exploitable via the member_id parameter ($id variable) to index.php, enabling remote attackers to execute arbitrary SQL commands and bypass authentication. This is supported by multiple sources (...
kubix 0.7 - Multiple Vulnerabilities
!/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc Related: path of the file to include\r\n"; echo " |- Es: php ".$argv0." localhost /kubix/ 1 ../../../../../etc/passwd\r\n\r\n"; echo " 2 - Login Bypass PoC\r\n"; echo " |-...