15 matches found
PBLang <= 4.65 Remote Command Execution Exploit
No description provided by source. ?php / PBLang 4.65 possibly prior versions remote code execution by rgod - site: http://rgod.altervista.org make these changes in php.ini if you have troubles with this script: allowcalltimepassreference = on registerglobals = on / errorreporting0;...
CVE-2005-3919
Cross-site scripting XSS vulnerability in PBLang 4.65 allows remote attackers to inject arbitrary web script or HTML via multiple fields in 1 UCP.php and 2 SendPm.php...
CVE-2005-3919
PBLang 4.65 is affected by a cross-site scripting (XSS) vulnerability in UCP.php and SendPm.php. The issue allows remote attackers to inject arbitrary web script or HTML via multiple fields, enabling potential theft or manipulation of user data as described in CVE-2005-3919. No remediation detail...
XSS in PBLang 4.65 Profile.php/UCP.php
Who's got the magic stick? It sure as hell ain't 50 Cent. Excuse me for posting again within minutes but I did not properly check the other forms. In UCP.php, when editing your profile, in several fields you can inject code into the page, just as in the SendPm.php. EX: Input table: "URL"...
PBLang465.txt
Class: Input Validation Error CVE: CVE-MAP-NOMATCH Remote: Yes Local: Yes Credit: Abducter [email protected] Or [email protected] Vulnerable: File Including In PBLang 4.65 ALL VERSION info PBLang IS POWER PHP SITES SUPPORT HERE http://pblang.drmartinus.de/ expliot...
CVE-2005-2895
setcookie.php in PBLang 4.65, and possibly earlier versions, allows remote attackers to obtain sensitive information via a %00 a null byte in the u parameter, which reveals the path in an error message...
CVE-2005-2893
CVE-2005-2893 affects PBLang 4.65 (and possibly earlier). The vulnerability is a direct static code injection in setcookie.php where the username parameter (u) is directly injected into a file that is later executed upon login, enabling remote code execution. The available sources identify the vu...
CVE-2005-2892
CVE-2005-2892 affects PBLang 4.65 (and possibly earlier) with a directory traversal weakness in setcookie.php that lets remote attackers read arbitrary files by manipulating the u parameter (using .. and %00). Documents indicate this is a read-privilege vulnerability (partial confidentiality impa...
PBLang <= 4.65 Remote Command Execution Exploit (2)
No description provided by source. ?php | | | PBLang = 4.65 remote commands exec exploit | | tested on 4.65 | | coded by Pengo 2005 RST/GHC | | http://rst.void.ru | | http://ghc.ru | | | WARNING! This exploit is successfully work when magicquotesrpc off = D:\httpd\phpphp.exe ..\www\r57pblang465.p...
PBLang 4.65 - Remote Command Execution (1)
PBLang 4.65 - Remote Command Execution 1 site: http://rgod.altervista.org make these changes in php.ini if you have troubles with this script: allowcalltimepassreference = on registerglobals = on / errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout", 2; obimplicitflush 1; ec...
PBLang 4.65 - Remote Command Execution (2)
php.exe ..\www\r57pblang465.php localhost /pbl/ "pblcookie732128=Pe ng0; PBLsecid=a4c2f845c002ac54f5751440647f3c91;" Peng0 PrSrS $ARGV = $SERVER'argv'; global $ARGV; ifcount$ARGV == 0 echo base64decode"3fLu8iDx6vDo7/Ig5O7r5uXtIOH78vwg5+Dv8/nl7SDo5yDq7uzg7eTt7u...
CVE-2005-0526
Multiple cross-site scripting XSS vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via 1 the search string to search.php, 2 the subject of a PM, which is processed by pm.php, or 3 the body of a PM, which is processed by pmpshow.php...
Software PBLang 4.65 pmpshow.php XSS vulnerability
HRG - Hackerlounge Research Group Release: HRG002 Friday 11-02-05 Software PBLang 4.65 pmpshow.php XSS vulnerability The author can't be held responsible for any damage done by a reader. You have your own resonsibility Please use this document like it's meant to. Vulnerable: PBLang 4.65 current a...
CVE-2005-0526
Multiple cross-site scripting XSS vulnerabilities in PBLang 4.65 allow remote attackers to inject arbitrary web script or HTML via 1 the search string to search.php, 2 the subject of a PM, which is processed by pm.php, or 3 the body of a PM, which is processed by pmpshow.php...
CVE-2005-0526
CVE-2005-0526 refers to multiple XSS vulnerabilities in PBLang 4.65. Public sources (NVD/Nessus/NASL listings) identify three entry points: (1) the search string to search.php, (2) the subject of a PM processed by pm.php, and (3) the body of a PM processed by pmpshow.php. The underlying issue is ...