PHP ip2long() function circumvention

--- PHP ip2long function circumvention -------------------------------------- tested on php 5.0.2 " 4.3.3 -------------------------------------------------------------------------------- after some test on miniBB application http://www.minibb.net/ I obtained that the php ip2long function can be...

Input validation

PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, a...

CVE-2006-2330

PHP-Fusion 6.00.306 and earlier, running under Apache HTTP Server 1.3.27 and PHP 4.3.3, allows remote authenticated users to upload files of arbitrary types using a filename that contains two or more extensions that ends in an assumed-valid extension such as .gif, which bypasses the validation, a...

CVE-2006-2330

CVE-2006-2330 affects PHP-Fusion 6.00.306 and earlier running on Apache 1.3.27 with PHP 4.3.3. The vulnerability arises in the file-upload validation logic, where a filename containing two or more extensions ending with an assumed-valid extension (e.g., .gif) can bypass validation. An authenticat...

PHP-Fusion 6.00.306 - Multiple Vulnerabilities

PHP-Fusion 6.00.306 - Multiple Vulnerabilities !/usr/bin/php -q -d shortopentag=on ? echo "PHPFusion = v6.00.306 avatar modmime arbitrary file upload &\r\n"; echo "local inclusion vulnerabilities\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if...