1982 matches found
Flatnuke 3 - Remote Cookie Manipulation Privilege Escalation
Flatnuke 3 - Remote Cookie Manipulation Privilege Escalation --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...
CVE-2007-5563
Unspecified vulnerability in VirtueMart before 1.0.13 allows remote attackers to execute arbitrary PHP code via unspecified vectors...
CVE-2007-5416
Drupal 5.2 and earlier does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by invoking the drupaleval function through a callback parameter to t...
Several vulnerabilities in CMS Made Simple 1.1.3.1
Hi, There are several security bugs in CMS Made Simple 1.1.3.1 : I am not going to release dangerous and exploitable info here 1 There is a highly dangerous PHP code execution bug in the script . 2 A registered user can access unauthorized pages . For example he can upload files to the server, or...
CVE-2007-5307
Technical details about CVE-2007-5307 are not publicly available in the provided connected documents. Please monitor for updates on affected software, impact and remediation.
CVE-2007-5178
The CVE describes a vulnerability in the mx_glance 2.3.3 module for mxBB where a missing delimiter inside a security check placed within a comment enables remote file inclusion (RFI) and arbitrary PHP code execution via a URL in the mx_root_path parameter. Affected software is mx_glance 2.3.3 for...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre Contenido 42VariablVersion 42VV10 in contenidohacks in Mods 4 Xoops Contenido eZ publish pdf4cms allow remote attackers to execute arbitrary PHP code via a URL in the cfgPathInc parameter to 1 mainupl.php, 2 mainconeditside.php, 3...
CVE-2007-5115
Multiple PHP remote file inclusion vulnerabilities in Ekke Doerre Contenido 42VariablVersion 42VV10 in contenidohacks in Mods 4 Xoops Contenido eZ publish pdf4cms allow remote attackers to execute arbitrary PHP code via a URL in the cfgPathInc parameter to 1 mainupl.php, 2 mainconeditside.php, 3...
CVE-2007-5053
Multiple incomplete blacklist vulnerabilities in iziContents 1 RC6 and earlier allow remote attackers to execute arbitrary PHP code via a URL in 1 the adminhome parameter to modules/poll/pollsummary.php or 2 the rootdp parameter to include/db.php; or a URL in the languagehome parameter to 3...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library STPHPLibrary 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 dbconf or 2 ADODBDIR parameter to utils/stphpimageshow.php; or a URL in the STPHPLIBDIR parameter to 3 stphpbutton.php, 4...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Weblogicnet allow remote attackers to execute arbitrary PHP code via a URL in the filesdir parameter in 1 esdesp.php, 2 escustommenu.php, and 3 esoffer.php...
SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion
Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: bius22 at mac dot com email concealed Website :...
Weblogicnet - files_dir Multiple Remote File Inclusions
Weblogicnet - filesdir Multiple Remote File Inclusions Nyubicrew Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: [email protected] Website :...
CVE-2007-4608
PHP remote file inclusion vulnerability in protection.php in ePersonnel RC200402 allows remote attackers to execute arbitrary PHP code via a URL in the logoutpage parameter...
CVE-2007-4536
TorrentTrader 1.07 and earlier sets insecure permissions for files in the root directory, which allows attackers to execute arbitrary PHP code by modifying 1 disclaimer.txt, 2 sponsors.txt, and 3 banners.txt, which are used in an include call. NOTE: there might be local attack vectors that extend...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in PHPCentral Poll Script 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the SERVERDOCUMENTROOT parameter in 1 poll.php and 2 pollarchive.php. NOTE: a reliable third party states that this issue is resultant from a variable...
Remote file inclusion
PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the configrootordner parameter to 1 index.php or 2 datei.php...
CVE-2007-4320
PHP remote file inclusion vulnerability in admin/addons/archive/archive.php in Ncaster 1.7.2 allows remote attackers to execute arbitrary PHP code via a URL in the adminfolder parameter...
CVE-2007-4279
PHP remote file inclusion vulnerability in config.php in FrontAccounting 1.12 Build 31 allows remote attackers to execute arbitrary PHP code via a URL in the pathtoroot parameter...