CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2009/03/06 11:30 a.m.•8 views

CVE-2008-6403

PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php in OpenRat 0.8-beta4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tpldir parameter...

7.5CVSS7.6AI score0.03209EPSS

Prion•added 2009/03/06 11:30 a.m.•6 views

Remote file inclusion

7.5CVSS8.1AI score0.03209EPSS

CVE•added 2009/03/06 11:0 a.m.•38 views

CVE-2008-6403

The CVE-2008-6403 issue affects OpenRat 0.8-beta4 and earlier, where a PHP remote file inclusion vulnerability in themes/default/include/html/insert.inc.php allows an attacker to execute arbitrary PHP code via a URL parameter (tpl_dir). The underlying cause is improper handling of the tpl_dir par...

7.5CVSS7.8AI score0.03209EPSS

Cvelist•added 2009/03/06 11:0 a.m.•13 views

CVE-2008-6403

7.6AI score0.03209EPSS

seebug.org•added 2008/09/25 12:0 a.m.•6 views

OpenRat 'insert.inc.php'远程文件包含漏洞

BUGTRAQ ID: 31339 CNCAN ID：CNCAN-2008092405 OpenRat是一款基于PHP的WEB应用程序。 OpenRat不正确处理用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。问题由于'insert.inc.php'脚本对用户提交给'tpldir'参数缺少过滤，指定远程服务器上的任意文件作为包含对象，可导致WEB权限执行任意PHP代码。 OpenRat 0.8-beta4 目前没有解决方案提供： http://www.openrat.de/...

6.9AI score

seebug.org•added 2008/09/24 12:0 a.m.•29 views

OpenRat <= 0.8-beta4 (tpl_dir) Remote File Inclusion Vulnerability

No description provided by source. :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl OpenRat = 0.8-beta4 Remote File Inclusion Vulnerability Script: "OpenRat is a free Web...

7.1AI score

Packet Storm•added 2008/09/24 12:0 a.m.•27 views

openrat-rfi.txt

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl OpenRat ... Greetz: D3m0nDE str0ke and otherz.. dun / 2008...

7.4AI score

exploitpack•added 2008/09/23 12:0 a.m.•17 views

OpenRat 0.8-beta4 - tpl_dir Remote File Inclusion

OpenRat 0.8-beta4 - tpldir Remote File Inclusion :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl OpenRat ... Greetz: D3m0nDE str0ke and otherz.. dun / 2008 milw0rm.com 2008-09-23...

7.5AI score

0day.today•added 2008/09/23 12:0 a.m.•59 views

OpenRat <= 0.8-beta4 (tpl_dir) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== OpenRat ... 0day.today 2018-02-18...

7.1AI score

Exploit DB•added 2008/09/23 12:0 a.m.•41 views

OpenRat 0.8-beta4 - 'tpl_dir' Remote File Inclusion

7.4AI score

NVD•added 2007/08/08 1:17 a.m.•10 views

CVE-2007-4175

Multiple cross-site scripting XSS vulnerabilities in index.php in OpenRat CMS 0.8-beta1 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 subaction and 2 action parameters...

4.3CVSS5.8AI score0.00323EPSS

Prion•added 2007/08/08 1:17 a.m.•15 views

Cross site scripting

4.3CVSS6.1AI score0.00323EPSS

CVE•added 2007/08/08 1:11 a.m.•36 views

CVE-2007-4175

Vulnerability summary (CVE-2007-4175): OpenRat CMS up to 0.8-beta1 and earlier is affected by multiple cross-site scripting (XSS) in index.php. An attacker can supply crafted values for the (1) subaction and (2) action parameters to inject arbitrary web script/HTML. The explicit vulnerability is ...

4.3CVSS5.8AI score0.00323EPSS

Cvelist•added 2007/08/08 1:11 a.m.•11 views

CVE-2007-4175

5.8AI score0.00323EPSS