Lucene search

1982 matches found

securityvulns
added 2005/03/24 12:0 a.m. | 31 views

[SA14688] Double Choco Latte Cross-Site Scripting and PHP Code Execution

TITLE: Double Choco Latte Cross-Site Scripting and PHP Code...

AI score 1.4
Exploits: 0
Exploit DB
added 2005/03/24 12:0 a.m. | 29 views

Double Choco Latte 0.9.3/0.9.4 - 'main.php' Arbitrary PHP Code Execution

source: https://www.securityfocus.com/bid/12894/info Double Choco Latte is reported prone to multiple vulnerabilities. These issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting/HTML injection attacks and execute arbitrary...

AI score 7.4
Exploits: 0
Cvelist
added 2005/03/09 5:0 a.m. | 14 views

CVE-2005-0698

PHP remote file inclusion vulnerability in PHPWebLog 0.5.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the (1) GPATH parameter to init.inc.php or the (2) PATH parameter to index.php to reference a URL on a remote web server that contains the code...

AI score 7.6 | EPSS 0.00612
Exploits: 0 | References: 2
NVD
added 2005/03/01 5:0 a.m. | 9 views

CVE-2005-0632

PHP remote file inclusion vulnerability in auth.php in PHPNews 1.2.4 and possibly 1.2.3, allows remote attackers to execute arbitrary PHP code via the path parameter...

CVSS 5 | AI score 7.7 | EPSS 0.04237
Exploits: 1 | References: 5
FreeBSD
added 2005/02/28 12:0 a.m. | 23 views

postnuke -- SQL injection vulnerabilities

Two separate SQL injection vulnerabilities have been identified in the PostNuke PHP content management system. An attacker can use this vulnerability to potentially insert executable PHP code into the content management system to view all files within the PHP scope, for instance. Various other SQ...

AI score 7.8
Exploits: 0 | References: 3
Exploit DB
added 2005/02/24 12:0 a.m. | 18 views

phpWebSite 0.x - Image File Processing Arbitrary '.PHP' File Upload

source: https://www.securityfocus.com/bid/12653/info phpWebSite is reported prone to a remote arbitrary PHP file upload vulnerability. The issue presents itself due to a lack of sanitization performed on image files that are uploaded when submitting an announcement. A remote attacker may exploit...

AI score 7
Exploits: 0
NVD
added 2005/02/21 5:0 a.m. | 8 views

CVE-2005-0512

PHP remote file inclusion vulnerability in Tar.php in Mambo 4.5.2 allows remote attackers to execute arbitrary PHP code by modifying the mosConfigabsolutepath parameter to reference a URL on a remote web server that contains the code, a different vulnerability than CVE-2004-1693...

CVSS 7.5 | AI score 7.5 | EPSS 0.0075
Exploits: 0 | References: 2
Exploit DB
added 2005/02/21 12:0 a.m. | 17 views

PANews 2.0 - PHP Remote Code Execution

source: https://www.securityfocus.com/bid/12611/info PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'adminsetup.php' script. Reports indicate that wh...

AI score 7.4
Exploits: 0
CVE
added 2005/02/20 5:0 a.m. | 49 views

CVE-2004-1573

The CVE-2004-1573 entry concerns AJ-Fork 167 where insecure file permissions on users.db.php (set to 777) allow local users to execute arbitrary PHP code and gain administrator privileges. The vulnerability’s impact is (local) arbitrary code execution with full privileges as described; exploitati...

CVSS 7.2 | AI score 7.8 | EPSS 0.00036
Exploits: 1 | References: 5 | Affected Software: 2
securityvulns
added 2005/02/15 12:0 a.m. | 28 views

vbulletin 3.0.x PHP code execution

Vulnerable Systems: vBulletin version 3.0 up to and including version 3.0.4. Immune systems: vBulletin version 3.0.5, vBulletin version 3.0.6. Vulnerable code in forumdisplay.php: if $vboptions'showforumusers' . . . . if $bbuserinfo'userid' . . . . $comma = ', ';...

AI score 1.4
Exploits: 0
Cvelist
added 2005/02/12 5:0 a.m. | 11 views

CVE-2004-1423

Multiple PHP remote file inclusion vulnerabilities in Sean Proctor PHP-Calendar before 0.10.1, as used in Commonwealth of Massachusetts Virtual Law Office (VLO) and other products, allow remote attackers to execute arbitrary PHP code via a URL in the phpcrootpath parameter to (1) includes/calendar.ph...

AI score 7.6 | EPSS 0.10744
Exploits: 3 | References: 12
Cvelist
added 2005/02/10 5:0 a.m. | 15 views

CVE-2005-0268

Direct code injection vulnerability in FlatNuke 2.5.1 allows remote attackers to execute arbitrary PHP code by placing the code into the url_avatar field...

AI score 7.8 | EPSS 0.00717
Exploits: 0 | References: 3
Cvelist
added 2005/02/10 5:0 a.m. | 16 views

CVE-2005-0327

pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php...

AI score 7.5 | EPSS 0.00636
Exploits: 0 | References: 2
Tenable Nessus
added 2005/01/04 12:0 a.m. | 13 views

FlatNuke index.php url_avatar Field Arbitrary PHP Code Execution

The remote host is running FlatNuke, a content management system written in PHP and using flat files rather than a database for its storage. The remote version of this software has a form submission vulnerability that may allow an attacker to execute arbitrary PHP commands on the remote host...

CVSS 7.5 | AI score 6 | EPSS 0.00861
Exploits: 1 | References: 3
securityvulns
added 2005/01/02 12:0 a.m. | 23 views

Cross Site Scripting Vulnerabilities and Possible Code Execution in SugarCRM

Cross Site Scripting Vulnerabilities and Possible Code Execution in SugarCRM. Author: Jose Antonio Coret Joxean Koret. Date: 2004. Location: Basqu...

AI score 0.4
Exploits: 0
NVD
added 2004/12/31 5:0 a.m. | 9 views

CVE-2004-1505

Directory traversal vulnerability in index.php in Just Another Flat file (JAF) CMS 3.0RC allows remote attackers to read arbitrary files and possibly execute PHP code via a .. (dot dot) in the show parameter...

CVSS 7.5 | AI score 7.2 | EPSS 0.01288
Exploits: 1 | References: 5
Tenable Nessus
added 2004/09/29 12:0 a.m. | 30 views

Debian DSA-346-1 : phpsysinfo - directory traversal

Albert Puigsech Galicia reported that phpsysinfo, a web-based program to display status information about the system, contains two vulnerabilities which could allow local files to be read, or arbitrary PHP code to be executed, under the privileges of the web server process (usually www-data). These...

CVSS 3.6 | AI score 5.5 | EPSS 0.00739
Exploits: 1 | References: 3
Cvelist
added 2004/09/01 4:0 a.m. | 14 views

CVE-2002-1435

class.atkdateattribute.js.php in Achievo 0.7.0 through 0.9.1, except 0.8.2, allows remote attackers to execute arbitrary PHP code when the 'allow_url_fopen' setting is enabled via a URL in the configatkroot parameter that points to the code...

AI score 7.5 | EPSS 0.0577
Exploits: 1 | References: 4
CVE
added 2004/09/01 4:0 a.m. | 58 views

CVE-2002-1211

Prometheus 6.0 and earlier is vulnerable to remote PHP code execution via a tainted PROMETHEUS_LIBRARY_BASE that can be set to a remote server and loaded by index.php, install.php, or test_*.php. The underlying flaw is the conditional inclusion of files (autoload.lib, prometheus-lib.path) based o...

CVSS 7.5 | AI score 7.4 | EPSS 0.07248
Exploits: 1 | References: 5 | Affected Software: 1
Cvelist
added 2004/09/01 4:0 a.m. | 14 views

CVE-2002-1113

summarygraphfunctions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the gjpgraphpath parameter to reference the location of the PHP code...

AI score 7.5 | EPSS 0.17688
Exploits: 1 | References: 6