950 matches found

OpenVAS
added 2011/11/16 12:0 a.m., 23 views

Support Incident Tracker (SiT!) Multiple Input Validation Vulnerabilities

Support Incident Tracker (SiT!) is prone to the following input-validation vulnerabilities:
1. A cross-site scripting vulnerability
2. An SQL-injection vulnerability
3. A PHP code-injection vulnerability
4. A path-disclosure vulnerability
5. An arbitrary-file-upload vulnerability
Exploiting these...

CVSS 7.5, AI score 0.3, EPSS 0.37501
Exploits 10, References 7

securityvulns
added 2011/11/06 12:0 a.m., 68 views

phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit

phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit
author: EgiX
mail: n0b0d13s at gmail dot com
software link: http://phpldapadmin.sourceforge.net/
affected versions: from 1.2.0 to 1.2.1.1
- vulnerable code in /lib/functions.php 1002...

AI score 0.2
Exploits 0

CVE
added 2011/11/04 9:0 p.m., 43 views

CVE-2011-1513

The CVE-2011-1513 entry concerns e107 CMS prior to 0.7.24 where the installation script is not removed, enabling a remote attacker to inject PHP via a crafted MySQL server name and overwrite e107_config.php. Core Security’s advisory CORE-2011-0810 documents OS command injection with code executio...

CVSS 7.5, AI score 7.3, EPSS 0.01394
Exploits 2, References 4, Affected Software 1

OpenVAS
added 2011/11/01 12:0 a.m., 20 views

phpAlbum Multiple Security Vulnerabilities

phpAlbum is prone to an arbitrary-file-download vulnerability, multiple cross-site scripting vulnerabilities, and multiple PHP code-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary script code in the...

CVSS 5, AI score 0.1, EPSS 0.0294
Exploits 2, References 4

OpenVAS
added 2011/11/01 12:0 a.m., 17 views

phpAlbum Multiple Security Vulnerabilities

phpAlbum is prone to an arbitrary-file-download vulnerability, multiple cross-site scripting vulnerabilities, and multiple PHP code-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary script code in the...

CVSS 5, AI score 6.7, EPSS 0.0294
Exploits 2, References 4

exploitpack
added 2011/10/29 12:0 a.m., 32 views

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities
PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities
Exploit Title: PHP Photo Album <= 0.4.1.16...

AI score 0.2
Exploits 0

Exploit DB
added 2011/10/29 12:0 a.m., 29 views

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities

PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities
Exploit Title: PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities
Google Dork:...

AI score 7.4
Exploits 0

Packet Storm
added 2011/10/29 12:0 a.m., 36 views

PHP Photo Album 0.4.1.16 Cross Site Scripting / Disclosure

---------------------------------------------------------------- PHP Photo Album Poc 2 http://localhost/phpAlbum/main.php?cmd=albumnew&keyword=XSS Demo :http://www.iloveazucar.com/phpAlbum/main.php?cmd=albumnew&keyword="onmouseover%3dprompt975554 bad%3d" Demo :http://www.dolfpretorius.com/main.ph...

Exploits 0

0day.today
added 2011/10/28 12:0 a.m., 24 views

PHP Photo Album <= (0.4.1.16) Multiple Disclosure Vulnerabilities

Exploit for php platform in category web applications
PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities
Exploit Title: PHP Photo Album <= 0.4.1.16 Multiple...

AI score 7.1
Exploits 0

securityvulns
added 2011/10/24 12:0 a.m., 64 views

Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection

Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection
author: EgiX
mail: n0b0d13s at gmail dot com
software link:...

AI score 0.3
Exploits 0

Tenable Nessus
added 2011/10/24 12:0 a.m., 24 views

FreeBSD : phpLDAPadmin -- Remote PHP code injection vulnerability (edf47177-fe3f-11e0-a207-0014a5e3cda6)

EgiX (n0b0d13s at gmail dot com) reports: The $sortby parameter passed to 'masort' function in file lib/functions.php isn't properly sanitized before being used in a call to create_function() at line 1080. This can be exploited to inject and execute arbitrary PHP code. The only possible attack vector...

AI score 5.7
Exploits 0, References 3

exploitpack
added 2011/10/23 12:0 a.m., 12 views

phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1)

phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1)
<?php /*
phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit
author:...

AI score 0.3
Exploits 0

0day.today
added 2011/10/22 12:0 a.m., 12 views

phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection

Exploit for php platform in category web applications
<?php /*
phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit
author...

AI score 7.1
Exploits 0

OpenVAS
added 2011/10/20 12:0 a.m., 16 views

Joomla NoNumber! Extension Manager Plugin Local File Include and PHP code Injection Vulnerabilities

NoNumber! Extension Manager is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and include and execute arbitrary files from the vulnerable system in the context of the...

AI score 0.4
Exploits 0, References 2

OpenVAS
added 2011/10/20 12:0 a.m., 18 views

Joomla NoNumber! Extension Manager Plugin LFI and PHP Code Injection Vulnerabilities (Nov 2011) - Active Check

NoNumber! Extension Manager is prone to multiple input validation vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and include and execute arbitrary files from the vulnerable system in the context of the...

AI score 5.8
Exploits 0, References 2

Packet Storm
added 2011/10/18 12:0 a.m., 24 views

Dolphin 7.0.7 PHP Code Injection

$aItems 8...

AI score 0.1
Exploits 0

0day.today
added 2011/10/17 12:0 a.m., 17 views

Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection

Exploit for php platform in category web applications
<?php /*
Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection Exploit...

AI score 7.1
Exploits 0

Positive Technologies
added 2011/08/25 12:0 a.m., 2 views

PT-2011-02: PHP code Injection in Kayako Support Suite

Positive Research Center has discovered a PHP code injection vulnerability in Kayako Support Suite. The application insufficiently verifies incoming data received via the template editing form. An attacker with administration privileges can inject arbitrary PHP code via the template editing feature with an...

CVSS 6.5, AI score 7.7
Exploits 0, References 3

Packet Storm
added 2011/07/04 12:0 a.m., 26 views

WeBid 1.0.2 Remote Code Execution

checkmysql($res, $query, __LINE__, __FILE__); 157. $itemtitle = mysql_result($res, 0, 'title'); Input passed through $_REQUEST['auctionid'] isn't properly sanitised before being used in the SQL query at line 154. - Vulnerable code to SQL injection (works with magic_quotes_gpc = off) in logout.php: 21. if...

AI score 7.4
Exploits 0

Exploit DB
added 2011/07/04 12:0 a.m., 26 views

WeBid 1.0.2 - 'converter.php' Remote Code Execution

checkmysql($res, $query, __LINE__, __FILE__); 157. $itemtitle = mysql_result($res, 0, 'title'); Input passed through $_REQUEST['auctionid'] isn't properly sanitised before being used in the SQL query at line 154. - Vulnerable code to SQL injection (works with magic_quotes_gpc = off) in logout.php: 21. if...

AI score 7.4
Exploits 0