CVE-2008-7055

CVE-2008-7055 affects ezContents 2.0.3: module.php allows remote attackers to bypass directory traversal protections and include/execute arbitrary local files via "....//" sequences in the link parameter. The flaw arises from improper filtering by str_replace. Evidence from NVD/NVD-linked entries...

Pigyard Art Gallery Multiple SQL Injection

Aria-Security Team, http://Aria-Security.net ------------------------------- Shout Outs: AurA, imm02tal, iM4N, Kinglet, Vendor: Pigyard Art Gallery Multiple SQL Injection This is a completation of the original advisory reported by ZoRLu @ Milw0rm http://www.milw0rm.com/exploits/5181 Original Link...

CVE-2007-4210

CVE-2007-4210 affects LANAI (la-nai) CMS 1.2.14. The issue consists of multiple SQL injection vulnerabilities in module.php, allowing remote attackers to execute arbitrary SQL commands via three parameters: (1) mid in the FAQ Modules (faqviewgroup action), (2) cid in EZSHOPPINGCART Modules, and (...

Digital Eye Gallery 1.1 Beta (module.php menu) Remote File Include Vulnerabilities

Digital Eye Gallery 1.1 Beta module.php menu Remote File Include Vulnerabilities script : http://mamboxchange.com/frs/download.php/7469/digitaleyecms.1.1BETA.tar.gz file : /module.php Found by & Contact : Cold z3ro , [email protected] , http://hack-teach.com/ , Team Hell Crew requireonce $men...

Digital Eye Gallery Module.PHP远程文件包含漏洞

Digital Eye Gallery是一款基于PHP的WEB应用程序。 Digital Eye Gallery不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Module.PHP'脚本对用户提交的'menu'参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 Digital Eye Gallery Digital Eye Gallery 1.1 Beta 目前没有解决方案提供： http://mamboxchange.com/projects/digitaleye/...

Digital Eye CMS 0.1.1b (module.php) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================================= Digital Eye CMS 0.1.1b module.php Remote File Inclusion Vulnerability ======================================================================= Digital Eye Gallery 1.1...

Digital Eye CMS 0.1.1b - module.php Remote File Inclusion

Digital Eye CMS 0.1.1b - module.php Remote File Inclusion Digital Eye Gallery 1.1 Beta module.php menu Remote File Include Vulnerabilities script : http://mamboxchange.com/frs/download.php/7469/digitaleyecms.1.1BETA.tar.gz file : /module.php Found by & Contact : Cold z3ro , [email protected] ...

Digital Eye CMS 0.1.1b - 'module.php' Remote File Inclusion

Digital Eye Gallery 1.1 Beta module.php menu Remote File Include Vulnerabilities script : http://mamboxchange.com/frs/download.php/7469/digitaleyecms.1.1BETA.tar.gz file : /module.php Found by & Contact : Cold z3ro , [email protected] , http://hack-teach.com/ , Team Hell Crew requireonce $men...

CVE-2004-0070

CVE-2004-0070 describes a remote code execution vulnerability in the ezContents package, specifically in the module.php game that handles a link parameter. The OpenVAS entry for this CVE notes that ezContents can be forced to include an external PHP file, causing the remote attacker’s code to be ...

CVE-2004-0070

PHP remote file inclusion vulnerability in module.php for ezContents allows remote attackers to execute arbitrary PHP code by modifying the link parameter to reference a URL on a remote web server that contains the code...