
184 matches found

Tenable Nessus
added 2008/12/10 12:0 a.m. | 15 views

PHP 5.x < 5.2.8 magic_quotes_gpc Security Bypass

Binary data 4784.prm...

7.5 CVSS | 7.3 AI score | 0.01664 EPSS
Exploits 2 | References 3
OpenVAS
added 2008/09/24 12:0 a.m. | 28 views

Gentoo Security Advisory GLSA 200603-22 (php)

The remote host is missing updates announced in advisory GLSA 200603-22. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5 CVSS | 6.6 AI score | 0.04348 EPSS
Exploits 0 | References 4
exploitpack
added 2008/08/06 12:0 a.m. | 20 views

Discuz! 6.0.1 - searchid SQL Injection

Discuz! 6.0.1 - searchid SQL Injection =5 & mysql=4.1 BY james +------------------------------------------------------------------+ "; if$argc4 $host=$argv1; $port=$argv2; $path=$argv3; $uid=$argv4; else echo "Usage: php ".$argv0." host port path uid\n"; echo "host: target server \n"; echo "port:...

0.3 AI score
Exploits 0
myhack58
added 2008/07/11 12:0 a.m. | 193 views

php escapeshellcmd multibyte encoding vulnerability analysis and extension-a vulnerability warning-the black bar safety net

The vulnerability advisory is at http://www.sektioneins.de/advisories/SE-2008-03.txt PHP 5 = 5.2.5 PHP 4 = 4.4.8 Systems that allow wide-byte character sets such as GBK, EUC-KR, and SJIS may be affected. The impact is still very large, the domestic virtual host should be the pass to kill, in testing this...

7.9 AI score
Exploits 0
seebug.org
added 2008/06/23 12:0 a.m. | 68 views

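PHP 5 'chdir()' and 'ftok()' 'safe_mode' Security Bypass Vulnerability

BUGTRAQ ID: 29796 CVE ID:CVE-2008-2666 CNCVE ID:CNCVE-20082666 PHP 5 is an open-source web programming language. The PHP 5 'chdir' and 'ftok' functions have a 'safe_mode' bypass issue; a remote attacker can exploit the vulnerability to obtain sensitive information, such as whether files exist in unauthorized locations. The problem code is as follows: - --- PHPFUNCTIONchdir char str; int ret, strlen; if zendparseparametersZENDNUMARGS TSRMLSCC, "s", &str, &strlen == FAILURE RETURNFALS...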

5 CVSS | 6.3 AI score | 0.13923 EPSS
Exploits 2
seebug.org
added 2008/06/23 12:0 a.m. | 41 views

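PHP 5 'posix_access()' Function 'safe_mode' Bypass Directory Traversal Vulnerability

BUGTRAQ ID: 29797 CVE ID:CVE-2008-2665 CNCVE ID:CNCVE-20082665 PHP 5 is an open-source web programming language. PHP 5 'posix_access' has a 'safe_mode' bypass issue; a remote attacker can exploit the vulnerability to access data outside the WEB ROOT directory, leading to disclosure of sensitive information. The problem code is as follows: - --- PHPFUNCTIONposixaccess long mode = 0; int filenamelen, ret; char filename, path; if zendparseparametersZENDNUMARGS TSRMLSCC,...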

5 CVSS | 6.3 AI score | 0.03377 EPSS
Exploits 4
Packet Storm
added 2008/06/10 12:0 a.m. | 22 views

teldir-delete.txt

!/usr/bin/perl -w Telephone Directory 2008 see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya ---------------------------------------------------------------------------- TITLE: PerlSploit Class REQUIREMENTS: PHP 4 /...

7.4 AI score
Exploits 0
seebug.org
added 2008/06/10 12:0 a.m. | 14 views

Telephone Directory 2008 Arbitrary Delete Contact Exploit

No description provided by source. !/usr/bin/perl -w Telephone Directory 2008 = Arbitrary Delete Contact Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya...

7.1 AI score
Exploits 0
seebug.org
added 2008/06/09 12:0 a.m. | 20 views

Telephone Directory 2008 Arbitrary Delete Contact Exploit

No description provided by source. !/usr/bin/perl -w Telephone Directory 2008 = Arbitrary Delete Contact Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & hak3r-b0y All muslims HaCkeRs : Special Thnx To : Simo64 L3azzzzzz khouya...

7.1 AI score
Exploits 0
exploitpack
added 2008/05/29 12:0 a.m. | 13 views

phpBookingCalendar 10 d - SQL Injection

phpBookingCalendar 10 d - SQL Injection Portal :PHP Booking Calendar 10 d sql/upload Exploit Modified 2008 Download : https://sourceforge.net/project/showfiles.php?groupid=132702 exploit aported password crypted Founded & Exploited by : Stack Contact: Ev!L = see down Greetz : Houssamix & Djekmani...

0.4 AI score
Exploits 0
Packet Storm
added 2008/05/19 12:0 a.m. | 28 views

archangelweblog-sql.txt

!/usr/bin/perl -w Portal : Archangel Weblog 0.90.02 Download : http://www.archangelmgt.com/ArchangelWeblogv09002.zip exploit aported password crypted mgharba :d:d:d:d Founded & Exploited by : Stack-Terrorist v40 Contact: Ev!L = see down Greetz : Houssamix & Djekmani & Jadi & iuoisn & Str0ke & All...

7.4 AI score
Exploits 0
UbuntuCve
added 2008/05/07 9:20 p.m. | 42 views

CVE-2008-2108

The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems, performs a multiplication that generates a portion of zero bits during conversion due to insufficient precision, which produces 24 bits of entropy and simplifies brute force attacks against...

9.8 CVSS | 7.2 AI score | 0.04289 EPSS
Exploits 1 | References 2
seebug.org
added 2008/01/14 12:0 a.m. | 15 views

Docebo <= 3.5.0.3 (lib.regset.php/non-blind) SQL Injection Exploit

No description provided by source. ?php printr' ----------------------------------------------------------------------------- Docebo Suite = 3.5.0.3 lib.regset.php/non-blind SQL injection exploit by rgod bug found by EgiX working with Mysql = 4.1 PHP 5.X needed by Docebo regardless of php.ini...

7.1 AI score
Exploits 0
Prion
added 2008/01/11 12:46 a.m. | 13 views

Directory traversal

Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page...

7.5 CVSS | 8.1 AI score | 0.02507 EPSS
Exploits 1 | References 5
NVD
added 2008/01/11 12:46 a.m. | 14 views

CVE-2008-0231

Multiple directory traversal vulnerabilities in index.php in Tuned Studios (1) Subwoofer, (2) Freeze Theme, (3) Orange Cutout, (4) Lonely Maple, (5) Endless, (6) Classic Theme, and (7) Music Theme webpage templates allow remote attackers to include and execute arbitrary files via ".." sequences in the page...

7.5 CVSS | 7.6 AI score | 0.02507 EPSS
Exploits 1 | References 5
0day.today
added 2008/01/11 12:0 a.m. | 15 views

Docebo <= 3.5.0.3 (lib.regset.php/non-blind) SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================== Docebo = 4.1 PHP 5.X needed by Docebo regardless of php.ini settings no benchmark quickly coded to perform credentials disclosure...

7.1 AI score
Exploits 0
Exploit DB
added 2008/01/11 12:0 a.m. | 35 views

Docebo 3.5.0.3 - '/lib.regset.php/non-blind' SQL Injection

= 4.1 PHP 5.X needed by Docebo regardless of php.ini settings no benchmark quickly coded to perform credentials disclosure ----------------------------------------------------------------------------- '; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa....

7.4 AI score
Exploits 0
CVE
added 2008/01/11 12:0 a.m. | 41 views

CVE-2008-0231

Technical details about CVE-2008-0231 are not publicly provided in the supplied documents. Monitor for updates from official advisories.

7.5 CVSS | 7.6 AI score | 0.02507 EPSS
Exploits 1 | References 5 | Affected Software 7
exploitpack
added 2007/10/22 12:0 a.m. | 32 views

PHP 5.x COM - Safe Mode Disable Functions Bypass

PHP 5.x COM - Safe Mode Disable Functions Bypass sounds good //The windows version of PHP has built in support for this extension. You do not need to //load any additional extension in order to use these functions. //You are responsible for installing support for the various COM objects that you...

0.2 AI score
Exploits 0
Prion
added 2007/10/12 11:17 p.m. | 19 views

Design/Logic Flaw

The disable_functions feature in PHP 4 and 5 allows attackers to bypass intended restrictions by using an alias, as demonstrated by using ini_alter when ini_set is disabled...

7.5 CVSS | 6.8 AI score | 0.01689 EPSS
Exploits 0 | References 4 | Affected Software 1