ProjectSend 'install/make-config.php' file arbitrary code execution vulnerability

ProjectSend formerly known as cFTP is a suite of self-hosted applications based on PHP and MySQL. A security vulnerability exists in the 'install/make-config.php' file in ProjectSend r754. The vulnerability can be exploited by a remote attacker to execute arbitrary PHP code with the help of the...

PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

No description provided by source. Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl:...

PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== PHP Weather 2.2.2 LFI/XSS Multiple Remote Vulnerabilities =========================================================== Lfi/xss script: phpweather-2.2.2 download...