CVE-2009-4834

lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitrary PHP code via a crafted parameter name, possibly related to nowconnect.php...

CVE-2009-4834

lib.php in Zeroboard 4.1 pl7 allows remote attackers to execute arbitrary PHP code via a crafted parameter name, possibly related to nowconnect.php...

CVE-2009-4793

Unrestricted file upload vulnerability in adminpanel/scripts/addphotos.php in BandSite CMS 1.1.4 allows remote authenticated administrators to execute arbitrary PHP code by uploading a file with an executable extension via an addphotos action to adminpanel/index.php, and then accessing the file v...

CVE-2010-1153

PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable...

FreephpWebsiteSoftware 1.0 Remote File Include Vulnerability

Exploit for php platform in category web applications ============================================================ FreephpWebsiteSoftware 1.0 Remote File Include Vulnerability ============================================================ \|/// \ - - // @ @...

CVE-2009-4750

PHP remote file inclusion vulnerability in home.php in Top Paidmailer allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

CVE-2010-0988

CVE-2010-0988 affects Pulse CMS prior to 1.2.3. The issue comprises two related vulnerabilities: (1) an improper handling of login failures in includes/login.php that enables remote attackers to write arbitrary files and execute PHP code in the web root, and (2) an issue in viewing content where ...

CVE-2010-0755

PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote attackers to execute arbitrary PHP code via a URL in the langFile parameter...

Bits Video Script 2.042.05 - addvideo.php Arbitrary File Upload Arbitrary PHP Code Execution

Bits Video Script 2.042.05 - addvideo.php Arbitrary File Upload Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/40712/info Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can...

Bits Video Script 2.04/2.05 - '/register.php' Arbitrary File Upload / Arbitrary PHP Code Execution

source: https://www.securityfocus.com/bid/40712/info Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the...

Bits Video Script 2.042.05 - register.php Arbitrary File Upload Arbitrary PHP Code Execution

Bits Video Script 2.042.05 - register.php Arbitrary File Upload Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/40712/info Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can...

Bits Video Script 2.04/2.05 - '/addvideo.php' Arbitrary File Upload / Arbitrary PHP Code Execution

source: https://www.securityfocus.com/bid/40712/info Bits Video Script is prone to multiple arbitrary-file-upload vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to upload arbitrary code and run it in the context of the...

phpwind 7.5 apps/groups/index.php远程包含漏洞

apps/groups/index.php 里$route和$basePath变量没有初始化,导致远程包含或者本地包含php文件,导致执行任意php代码 ?php if $route == "groups" requireonce $basePath . '/action/mgroups.php'; elseif $route == "group" requireonce $basePath . '/action/mgroup.php'; elseif $route == "galbum" requireonce $basePath . '/action/mgalbum.php';...

Piwik Open Flash Chart Remote Code Execution Vulnerability

Exploit for unknown platform in category web applications ========================================================== Piwik Open Flash Chart Remote Code Execution Vulnerability ========================================================== Class: Input Validation Error CVE: Remote: Yes Local: No...

Piwik Open Flash Chart Remote Code Execution Vulnerability

No description provided by source. Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 0.4.3 Piwik Piwik 0.4.2 Piwik Piwik 0.4.1 Piwik Piwik 0.4 Piwik Piwik 0.2.37 Piw...

OSSIM v2.1.5 Arbitrary File Upload

No description provided by source. Advisory Name: Arbitrary File Upload in OSSIM Vulnerability Class: Arbitrary File Upload Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity:...

OSSIM 2.1.5 - Arbitrary File Upload

OSSIM 2.1.5 - Arbitrary File Upload Advisory Name: Arbitrary File Upload in OSSIM Vulnerability Class: Arbitrary File Upload Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity:...

CVE-2009-4315

Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magicquotesgpc is disabled, allows remote attackers to create or modify arbitrary files via a .. dot dot in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php fi...

CVE-2009-4315

Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magicquotesgpc is disabled, allows remote attackers to create or modify arbitrary files via a .. dot dot in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php fi...

piwik -- php code execution

secunia reports: Stefan Esser has reported a vulnerability in Piwik, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the core/Cookie.php script using "unserialize" with user controlled input. This can be exploited to e.g. execute...