WordPress Simple Fields Plugin 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution Vul

Exploit for php platform in category web applications Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5...

WordPress Plugin Simple Fields 0.2 - 0.3.5 - Local/Remote File Inclusion / Remote Code Execution

Exploit Title: Simple Fields 0.2 - 0.3.5 LFI/RFI/RCE Date: 2018-04-08 Exploit Author: Graeme Robinson Contact: @Grasec Vendor Homepage: http://simple-fields.com Software Link: https://downloads.wordpress.org/plugin/simple-fields.0.3.5.zip Version: 0.2 - 0.3.5 Tested on: Ubuntu 16.04.4 + PHP 5.3.0...

PHP 5.3.4 Win Com Module Com_sink Exploit

No description provided by source. Exploit Title: PHP 5.3.4 Win Com Module Comsink Local Exploit Google Dork: Nil Date: 9/10/2012 Author: FB1H2S Software Link: PHP Windows Version: 5.3.4 Tested on: Microsoft XP Pro 2002 SP2 ?php //PHP 5.3.4 // //$eip =\x44\x43\x42\x41; $eip= \x4b\xe8\x57\x78; $ea...

phpMoneyBooks 1.0.2 - Local File Inclusion

涉及文件: /index.php 85-94L php else include'header.php'; if$GETfile=="" $GETfile="index.php"; iffileexists"modules/".$GETmodule."/".$GETfile include"modules/".$GETmodule."/".$GETfile; else echo "error"; 程序会根据传递的 $GETmodule 参数来动态加载程序的处理模块: include"modules/".$GETmodule."/".$GETfile;...

FengCMS本地文件包含一枚

简要描述： LFI 详细说明： 条件：PHP'; else echo ''; else if $GET'tags' != '' $encode = mbdetectencoding $GET'tags', array "ASCII", "UTF-8", "GB2312", "GBK", "BIG5" ; if $encode != "UTF-8" $GET'tags' = iconv "gb2312", "UTF-8", $GET'tags' ; if$GET'tags' if$GET'project'!="" return...

Macs CMS 1.1.4 - Multiple Vulnerabilities

Macs CMS 1.1.4 - Multiple Vulnerabilities Exploit Title: Mac's CMS - Multiple vilnerabilities Date: 2013 14 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://macs-framework.sourceforge.net/ Tested on...

Mac's CMS 1.1.4 - Multiple Vulnerabilities

Exploit Title: Mac's CMS - Multiple vilnerabilities Date: 2013 14 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage: http://macs-framework.sourceforge.net/ Tested on: Linux & Windows, PHP 5.3.4 Affected...

Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities

Open Real Estate CMS 1.5.1 - Multiple Vulnerabilities Exploit Title: Open Real Estate CMS - Multiple vilnerabilities Date: 2013 9 August Exploit Author: Yashar shahinzadeh Special thanks to Mormoroth Credit goes for: http://y-shahinzadeh.ir & ha.cker.ir Vendor Homepage:...

PHP 5.3.4(WIN) COM_SINK elevation of privilege vulnerability-vulnerability warning-the black bar safety net

PHP the latest version has been updated to 5. 4. x, but China is still in the in the 5. 2. x and 5. 3. x-replacement phase. There is a vulnerability of the php present in the 5. 3. x version The test method is as follows: cmd /c x:\php\php.exe x:\test.php Download php app to a local, then use php...

PHP 5.3.4 Win Com Module - Com_sink

Exploit Title: PHP 5.3.4 Win Com Module Comsink Local Exploit Google Dork: Nil Date: 9/10/2012 Author: FB1H2S Software Link: PHP Windows Version: 5.3.4 Tested on: Microsoft XP Pro 2002 SP2...

PHP 5.3.4 com_event_sink 0-Day

Exploit for php platform in category local exploits 0day.today 2018-04-05...

PHP 5.3.4 com_event_sink 0-Day

...

phpMyBitTorrent 2.04 SQL Injection / Local File Inclusion

Exploit for php platform in category web applications Author: Janek Vind "waraxe" Date: 01. October 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-91.html Description of vulnerable target: phpMyBitTorrent is the brand new Open Source solution for BitTorrent communities!...

Invision Power Board 3.3.0 Local File Inclusion

waraxe-2012-SA086 - Local File Inclusion in Invision Power Board 3.3.0 =============================================================================== Author: Janek Vind "waraxe" Date: 12. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-86.html CVE:...

'phpMoneyBooks' Local File Inclusion (CVE-2012-1669)

'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a null-byte attack on the 'module' GET parameter...

phpPaleo - Local File Inclusion

'phpPaleo' Local File Inclusion CVE-2012-1671 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for language handling that allows for local file inclusion using a null-byte attack on the 'lang' GET parameter. II...

phpMoneyBooks 1.0.2 - Local File Inclusion

phpMoneyBooks 1.0.2 - Local File Inclusion 'phpMoneyBooks' Local File Inclusion CVE-2012-1669 Mark Stanislav - [email protected] I. DESCRIPTION --------------------------------------- A vulnerability exists in index.php for module handling that allows for local file inclusion using a...

Design/Logic Flaw

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service heap memory corruption or have unspecified other impact via vectors related to use of set, get, isset, and unset methods on objects...

CVE-2010-4697

Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial of service heap memory corruption or have unspecified other impact via vectors related to use of set, get, isset, and unset methods on objects...

Fedora 14 : maniadrive-1.2-23.fc14 / php-5.3.4-1.fc14.1 / php-eaccelerator-0.9.6.1-3.fc14 (2010-18976)

Security Enhancements and Fixes in PHP 5.3.4 : - Fixed crash in zip extract method possible CWE-170. - Paths with NULL in them foo\0bar.txt are now considered as invalid CVE-2006-7243. - Fixed a possible double free in imap extension Identified by Mateusz Kocielski. CVE-2010-4150. - Fixed NULL...