[eVuln.com] PHP Code Execution in Alguest

New eVuln Advisory: PHP Code Execution in Alguest Summary: http://evuln.com/vulns/153/summary.html Details: http://evuln.com/vulns/153/description.html -----------Summary----------- eVuln ID: EV0153 Software: Alguest Vendor: n/a Version: 1.1c-patched Critical Level: high Type: PHP Code Execution...

Pulse CMS Basic Local File Include Vulnerability

Pulse CMS Basic is prone to a local file-include vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pulsecms:pulsecms...

Alguest 1.1c-patched Code Execution

New eVuln Advisory: PHP Code Execution in Alguest Summary: http://evuln.com/vulns/153/summary.html Details: http://evuln.com/vulns/153/description.html -----------Summary----------- eVuln ID: EV0153 Software: Alguest Vendor: n/a Version: 1.1c-patched Critical Level: high Type: PHP Code Execution...

Pandora FMS Authentication Bypass And Multiple Input Validation Vulnerabilities

Pandora FMS is prone to an authentication-bypass vulnerability as well as the following input-validation vulnerabilities: 1. A command-injection vulnerability 2. Multiple SQL-injection vulnerabilities 3. A remote file-include vulnerability 4. An arbitrary PHP-code-execution vulnerability 5...

Pandora FMS <= 3.1 Multiple Input Validation Vulnerabilities - Active Check

Pandora FMS is prone to an authentication bypass vulnerability as well as the following input-validation vulnerabilities: - A commandinjection vulnerability - Multiple SQL injection SQLi vulnerabilities - A remote file include RFI vulnerability - An arbitrary PHP code execution vulnerability -...

Multi-lingual E-Commerce System 0.2 Multiple Vulnerabilities - Active Check

Multi-lingual E-Commerce System is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2010-3209

Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execute arbitrary PHP code via a URL in the includeFile parameter to 1 Config/Container.php and 2 HTML/QuickForm.php in fog/lib/pear/, the 3 driverpath parameter to fog/lib/pear/DB/NestedSet.php, and the...

CVE-2010-3205

PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the inc parameter...

MyBackup <= 1.4.0 Multiple Vulnerabilities

MyBackup is prone to multiple vulnerabilities. These vulnerabilities include a directory traversal vulnerability and an arbitrary PHP code execution vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

MyBackup 1.4.0 Multiple Security Vulnerabilities

MyBackup is prone to multiple security vulnerabilities. These vulnerabilities include a directory-traversal vulnerability and a arbitrary PHP code execution vulnerability. An attacker can exploit these vulnerabilities to execute arbitrary php code in the context of the affected site or obtain...

CVE-2009-4993

PHP remote file inclusion vulnerability in home.php in LM Starmail Paidmail 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

PHP code execution vulnerability summary-vulnerability warning-the black bar safety net

PHP security lovers of the feastthe Month of PHP Security it. Read php-security on many of the cattle below, to issue to the shared under a., are idols wow. A code to perform the function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec...

iScripts SocialWare 2.2.x Shell Upload

/iScripts SocialWare 2.2.x Arbitrary File Upload Vulnerability Name iScripts SocialWare Vendor http://www.iscripts.com Versions Affected 2.2.x Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-02-07 X. INDEX I. ABOUT T...

iScripts Socialware 2.2.x - Arbitrary File Upload

/iScripts SocialWare 2.2.x Arbitrary File Upload Vulnerability Name iScripts SocialWare Vendor http://www.iscripts.com Versions Affected 2.2.x Author Salvatore Fresta aka Drosophila Website http://www.salvatorefresta.net Contact salvatorefresta at gmail dot com Date 2010-02-07 X. INDEX I. ABOUT T...

Remote file inclusion

PHP remote file inclusion vulnerability in banned.php in Visitor Logger allows remote attackers to execute arbitrary PHP code via a URL in the VLincludepath parameter...

Drupal Panels Module 6.x PHP Code Execution Vulnerability

A vulnerability has been reported in Panels module for Drupal, which can be exploited by malicious users to compromise a vulnerable system. Certain unspecified input is not properly sanitised before being used in the import functionality. This can be exploited to execute arbitrary PHP code...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in DataLife Engine DLE 8.3 allow remote attackers to execute arbitrary PHP code via a URL in 1 the selectedlanguage parameter to engine/inc/include/init.php, 2 the configlangs parameter to engine/inc/help.php, 3 the configlang parameter to...

CVE-2010-1921

Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the pathom parameter to 1 annuaire.class.php, 2 droit.class.php, 3 collectivite.class.php, 4 profil.class.php, 5...

29o3 CMS &#40;LibDir&#41; Multiple Remote File Inclusion Vulnerability

Description: Some vulnerabilities have been discovered in 2903 CMS, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "CONFIGLibDir" parameter in multiple files is not properly verified before being used to include files. This can be exploited to...

OpenX banner-edit.php File Upload PHP Code Execution

$Id: openxbanneredit.rb 9247 2010-05-08 03:07:51Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...