14 matches found
EUVD-2007-0807
Malware in sbrugna...
MVCnPHP <= 3.0 glConf[path_libraries] Remote Include Vulnerabilities
No description provided by source. MVCnPHP Remote File Inclusion ToXiC CrEw Bug Found by Drago84 Page Sources: http://freshmeat.net/redir/mvcnphp/46123/urltgz/GeeklogMVCnPHP-3.0.0.tgz Page Affect: BaseCommand.php BaseLoader.php BaseView.php ExP:...
Geeklog远程文件包含漏洞
Geeklog是一款基于PHP的WEB应用程序。 Geeklog不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'glConfpathlibraries'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 Geeklog 2.0 目前没有解决方案提供: http://geeklog.sourceforge.net/ http://www.example.com/path/Geeklog/MVCnPHP/BaseView.php?glConfpathlibraries=attacker site...
Remote file inclusion
PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the glConfpathlibraries parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerability in GeekLog...
CVE-2007-0810
PHP remote file inclusion vulnerability in MVCnPHP/BaseView.php in GeekLog 2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the glConfpathlibraries parameter. NOTE: this might be a vulnerability in MVCnPHP rather than a vulnerability in GeekLog...
CVE-2007-0810
CVE-2007-0810 describes a PHP remote file inclusion in GeekLog 2 and earlier via glConf[path_libraries] in MVCnPHP/BaseView.php, allowing remote execution of PHP code by supplying a URL. The vulnerability’s root cause is a file inclusion flaw that can process an attacker-supplied URL, with impact...
MVCnPHP glConf[path_library]远程文件包含漏洞
No description provided by source...
MVCnPHP <= 3.0 glConf[path_libraries] Remote Include Vulnerabilities
No description provided by source. MVCnPHP Remote File Inclusion ToXiC CrEw Bug Found by Drago84 Page Sources: http://freshmeat.net/redir/mvcnphp/46123/urltgz/GeeklogMVCnPHP-3.0.0.tgz Page Affect: BaseCommand.php BaseLoader.php BaseView.php ExP:...
CVE-2006-4160
Multiple PHP remote file inclusion vulnerabilities in Tony Bibbs and Vincent Furia MVCnPHP 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the glConfpathlibrary parameter to 1 BaseCommand.php, 2 BaseLoader.php, and 3 BaseView.php...
EUVD-2006-4150
Multiple PHP remote file inclusion vulnerabilities in Tony Bibbs and Vincent Furia MVCnPHP 3.0 allow remote attackers to execute arbitrary PHP code via a URL in the glConfpathlibrary parameter to 1 BaseCommand.php, 2 BaseLoader.php, and 3 BaseView.php...
CVE-2006-4160
CVE-2006-4160 involves multiple PHP remote file inclusion (RFI) vulnerabilities in MVCnPHP 3.0 by Tony Bibbs and Vincent Furia. The flaw allows remote attackers to execute arbitrary PHP code by supplying a crafted URL for the glConf[path_library] parameter in (1) BaseCommand.php, (2) BaseLoader.p...
MVCnPHP <= 3.0 glConf[path_libraries] Remote Include Vulnerabilities
Exploit for unknown platform in category web applications ==================================================================== MVCnPHP = 3.0 glConfpathlibraries Remote Include Vulnerabilities ==================================================================== MVCnPHP Remote File Inclusion ToXiC...
MVCnPHP 3.0 - glConf[path_libraries] Remote File Inclusion
MVCnPHP 3.0 - glConfpathlibraries Remote File Inclusion MVCnPHP Remote File Inclusion ToXiC CrEw Bug Found by Drago84 Page Sources: http://freshmeat.net/redir/mvcnphp/46123/urltgz/GeeklogMVCnPHP-3.0.0.tgz Page Affect: BaseCommand.php BaseLoader.php BaseView.php ExP:...
MVCnPHP 3.0 - glConf[path_libraries] Remote File Inclusion
MVCnPHP Remote File Inclusion ToXiC CrEw Bug Found by Drago84 Page Sources: http://freshmeat.net/redir/mvcnphp/46123/urltgz/GeeklogMVCnPHP-3.0.0.tgz Page Affect: BaseCommand.php BaseLoader.php BaseView.php ExP:...