EUVD-2007-1692

Malware in sbrugna...

Philex CMS 0.2 Directory Traversal

Title: ======= Philex CMS - Directory Traversal Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users working in a collaborative environment. CMS features va...

Philex CMS 0.2 Directory Traversal Vulnerability

Exploit for php platform in category web applications Title: ======= Philex CMS - Directory Traversal Introduction: ============== A content management system CMS is a computer application that supports the creation and modification of digital content. It is often used to support multiple users...

Remote file inclusion

PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CssFile parameter...

Immunity Canvas: PHILEX_INCLUDE

Name| philexinclude ---|--- CVE| CVE-2007-1697 Exploit Pack| CANVAS Description| Philex 0.2.3 = Remote File Include Notes| CVSS: 10.0 Repeatability: Infinite VENDOR: Philex CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1697 CVE Name: CVE-2007-1697...

CVE-2007-1697

PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CssFile parameter...

CVE-2007-1698

Philex 0.2.3 and earlier are affected. download.php accepts a file parameter that allows remote attackers to read arbitrary files and source code, revealing sensitive information due to improper handling of the parameter. Vulnerability details indicate a failure to validate or constrain the file ...

CVE-2007-1698

download.php in Philex 0.2.3 and earlier allows remote attackers to read arbitrary files and source code, and obtain sensitive information via the file parameter...

CVE-2007-1697

CVE-2007-1697 describes a PHP remote file inclusion in Philex 0.2.3 and earlier. In header.inc.php, an attacker can trigger arbitrary PHP code execution by supplying a URL in the CssFile parameter. The NVD entry lists a base score of 10.0 (HIGH) with network attack vector, no authentication, and ...

CVE-2007-1697

PHP remote file inclusion vulnerability in header.inc.php in Philex 0.2.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CssFile parameter...

Philex 0.2.3 <= Remote File(Disclosure/Include)Vulnerabilities

Philex 0.2.3 = Remote FileDisclosure/IncludeVulnerabilities D.Script: http://kent.dl.sourceforge.net/sourceforge/philex/philex0.2.3.tgz Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code Include: ?include $CssFile;?...

Philex <= 0.2.3 RFI / File Disclosure Remote Vulnerabilities

No description provided by source. Philex 0.2.3 Exploit Remote File Include: PathPhilex/header.inc.php?CssFile=Shell V.Code Disclosure:...

philex-disclose.txt

Philex 0.2.3 Exploit Remote File Include: PathPhilex/header.inc.php?CssFile=Shell V.Code Disclosure: readfile$HTTPGETVARS"file"; Exploit Remote File Disclosure: PathPhilex/download.php?file=conf.inc.php...

Philex <= 0.2.3 RFI / File Disclosure Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================ Philex Exploit Remote File Include: PathPhilex/header.inc.php?CssFile=Shell V.Code Disclosure: readfile$HTTPGETVARS"file"; Exploit Remote File Disclosure:...

Philex &lt;= 0.2.3 RFI / File Disclosure Remote Vulnerabilities

No description provided by source. Philex 0.2.3 = Remote FileDisclosure/IncludeVulnerabilities D.Script: http://kent.dl.sourceforge.net/sourceforge/philex/philex0.2.3.tgz Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group...

Philex 0.2.3 - Remote File Inclusion File Disclosure

Philex 0.2.3 - Remote File Inclusion File Disclosure Philex 0.2.3 Exploit Remote File Include: PathPhilex/header.inc.php?CssFile=Shell V.Code Disclosure: readfile$HTTPGETVARS"file"; Exploit Remote File Disclosure: PathPhilex/download.php?file=conf.inc.php milw0rm.com 2007-03-23...

Philex 0.2.3 - Remote File Inclusion / File Disclosure

Philex 0.2.3 Exploit Remote File Include: PathPhilex/header.inc.php?CssFile=Shell V.Code Disclosure: readfile$HTTPGETVARS"file"; Exploit Remote File Disclosure: PathPhilex/download.php?file=conf.inc.php milw0rm.com 2007-03-23...