18 matches found
EUVD-2007-5650
Malware in sbrugna...
EUVD-2007-5073
Malware in sbrugna...
EUVD-2007-5668
Malware in sbrugna...
FreePBX 13.0.x < 13.0.154 - Remote Command Execution
Vulnerable software : Freepbx Tested versions : 13.0.x $this-commandline = $commandline; $this-cwd = $cwd; Line 275 $commandline = $this-commandline; if '\' === DIRECTORYSEPARATOR && $this-enhanceWindowsCompatibility $commandline = 'cmd /V:ON /E:ON /C "'.$commandline.''; foreach...
CVE-2007-5696
PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module...
Remote file inclusion
PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module...
CVE-2007-5696
CVE-2007-5696 describes a PHP remote file inclusion in includes.php of phpBasic that allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, potentially linked to the Music module. The CVSSv2 base score is 6.8 (NETWORK, MEDIUM, no authentication; partial impacts to ...
CVE-2007-5696
PHP remote file inclusion vulnerability in includes.php in phpBasic allows remote attackers to execute arbitrary PHP code via a URL in the root parameter, possibly related to the Music module...
CVE-2007-5678
SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI...
Sql injection
SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI...
CVE-2007-5678
SQL injection vulnerability in the Music module in phpBasic allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action to the default URI...
CVE-2007-5678
The CVE-2007-5678 entry describes an SQL injection in the Music module of phpBasic, exploitable via the id parameter in a view action. Affected component: phpBasic Music module; vulnerability arises from unsanitized input used in SQL queries, enabling remote attackers to alter or access data. Imp...
[Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar
Software : phpBasic Music Module Homepage : http://phpbasic.com/ 1. SQL Injection by Xcross87 : Proof of concept : http://victim.com/phpbasic/?php=music&basic=view&id='SQL Injection Xploit admin user account :...
phpbasic-sqlrfi.txt
Software : phpBasic Music Module Homepage : http://phpbasic.com/ 1. SQL Injection by Xcross87 : Proof of concept : http://victim.com/phpbasic/?php=music&basic=view&id='SQL Injection Xploit admin user account :...
[Vulz] PHP Basic Multiple Vulnerabilities by Xcross87 & Alucar
Software : phpBasic Music Module Homepage : http://phpbasic.com/ 1. SQL Injection by Xcross87 : Proof of concept : http://victim.com/phpbasic/?php=music&basic=view&id='SQL Injection Xploit admin user account :...
CVE-2007-5092
Summary: CVE-2007-5092 is a directory traversal vulnerability in the Dance Music module’s index.php for phpNuke, exploited when register_globals is enabled. The flaw allows remote attackers to include and execute arbitrary local files by injecting a .. path via an ACCEPT_FILE array parameter to m...
CVE-2005-4781
Multiple SQL injection vulnerabilities in SergiDs Top Music module 3.0 PR3 and earlier for PHP-Nuke allow remote attackers to execute arbitrary SQL commands via the 1 idartist, 2 idsong, and 3 idalbum parameters to modules.php...
Top Music module for PHP Nuke SQL inj. vuln
Top Music module for PHP Nuke SQL inj. vuln Vuln. dicovered by : r0t Date: 28 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/top-music-module-for-php-nuke-sql-inj.html Vendor:http://www.sergids.com/ affected version:3.0 PR3 and prior Product Description: This is a module for PHPNu...