18 matches found
EUVD-2007-5073
Malware in sbrugna...
EUVD-2007-5668
Malware in sbrugna...
EUVD-2007-5650
Malware in sbrugna...
FreePBX 13.0.x < 13.0.154 - Remote Command Execution
Vulnerable software : Freepbx Tested versions : 13.0.x $this-commandline = $commandline; $this-cwd = $cwd; Line 275 $commandline = $this-commandline; if '\' === DIRECTORYSEPARATOR && $this-enhanceWindowsCompatibility $commandline = 'cmd /V:ON /E:ON /C "'.$commandline.''; foreach...
Remote file inclusion
PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module...
CVE-2007-5696
PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module...
CVE-2007-5696
PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module...
CVE-2007-5696
CVE-2007-5696 describes a PHP remote file inclusion in includes.php of phpBasic that allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, potentially linked to the Music module. The CVSSv2 base score is 6.8 (NETWORK, MEDIUM, no authentication; partial impacts to ...
CVE-2007-5678
SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI...
Sql injection
SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI...
CVE-2007-5678
SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI...
CVE-2007-5678
The CVE-2007-5678 entry describes an SQL injection in the Music module of phpBasic, exploitable via the id parameter in a view action. Affected component: phpBasic Music module; vulnerability arises from unsanitized input used in SQL queries, enabling remote attackers to alter or access data. Imp...
[Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar
Software : phpBasic Music Module Homepage : http://phpbasic.com/ 1. SQL Injection by Xcross87 : Proof of concept : http://victim.com/phpbasic/?php=music&basic=view&id='SQL Injection Xploit admin user account :...
phpbasic-sqlrfi.txt
Software : phpBasic Music Module Homepage : http://phpbasic.com/ 1. SQL Injection by Xcross87 : Proof of concept : http://victim.com/phpbasic/?php=music&basic=view&id='SQL Injection Xploit admin user account :...
[Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar
Software : phpBasic Music Module Homepage : http://phpbasic.com/ 1. SQL Injection by Xcross87 : Proof of concept : http://victim.com/phpbasic/?php=music&basic=view&id='SQL Injection Xploit admin user account :...
CVE-2007-5092
Summary: CVE-2007-5092 is a directory traversal vulnerability in the Dance Music module’s index.php for phpNuke, exploited when register_globals is enabled. The flaw allows remote attackers to include and execute arbitrary local files by injecting a .. path via an ACCEPT_FILE array parameter to m...
CVE-2005-4781
Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 PR3 and earlier for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the 1 idartist, 2 idsong, and 3 idalbum parameters to modules.php...
Top Music module for PHP Nuke SQL inj. vuln
Top Music module for PHP Nuke SQL inj. vuln Vuln. dicovered by : r0t Date: 28 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/top-music-module-for-php-nuke-sql-inj.html Vendor:http://www.sergids.com/ affected version:3.0 PR3 and prior Product Description: This is a module for PHPNu...