FreeCMS.us 0.2 - FCKeditor Arbitrary File Upload

FreeCMS.us 0.2 - FCKeditor Arbitrary File Upload ?php / -------------------------------------------------------------- FreeCMS.us 0.2 fckeditor Arbitrary File Upload Exploit -------------------------------------------------------------- By : Stack Special thnx for : Egix - vulnerable code in...

FreeCMS.us 0.2 - 'FCKeditor' Arbitrary File Upload

?php / -------------------------------------------------------------- FreeCMS.us 0.2 fckeditor Arbitrary File Upload Exploit -------------------------------------------------------------- By : Stack Special thnx for : Egix - vulnerable code in...

CVE-2008-2689

PHP remote file inclusion vulnerability in pub/clients.php in BrowserCRM 5.002.00 allows remote attackers to execute arbitrary PHP code via a URL in the bcrmpubroot parameter...

Directory traversal

Multiple PHP remote file inclusion vulnerabilities in Brim formerly Booby 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter to template.tpl.php in 1 barrel/, 2 barry/, 3 mylook/, 4 oerdec/, 5 penguin/, 6 sidebar/, 7 slashdot/, and 8 text-only/ in...

CVE-2008-2638

Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php...

Code injection

Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php...

CVE-2008-2638

Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php...

Achievo <= 1.3.2 (fckeditor) Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ========================================================== Achievo array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to...

Achievo 1.3.2 - &#039;FCKeditor&#039; Arbitrary File Upload

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

SyntaxCMS &lt;= 1.3 (fckeditor) Arbitrary File Upload Exploit

No description provided by source. ?php / -------------------------------------------------------------- Syntax CMS = 1.3 fckeditor Arbitrary File Upload Exploit -------------------------------------------------------------- Gr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke == special THank...

SyntaxCMS 1.3 - &#039;FCKeditor&#039; Arbitrary File Upload

special THanks to EgiX For the Exploit Code author...: Stack mail.....: Ev!L descr: if the web site change the name of path or path is /public/ you can delet /public/ in the exploit in the line : "POST $pathpublic/fckeditor/editor/filemanager/upload/php/upload.php - vulnerable code in...

SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ========================================================== SyntaxCMS special THanks to EgiX For the Exploit Code author...: Stack mail.....: Ev!L descr: if the web site change the name of path or path is /public/ you can delet /public/ in...

syntaxcms-upload.txt

special THanks to EgiX For the Exploit Code author...: Stack mail.....: Ev!L descr: if the web site change the name of path or path is /public/ you can delet /public/ in the exploit in the line : "POST $pathpublic/fckeditor/editor/filemanager/upload/php/upload.php - vulnerable code in...

CVE-2008-2480

PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the pagesdir parameter...

CVE-2008-2345

Unspecified vulnerability in the airfilemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."...

CVE-2008-2345

Unspecified vulnerability in the airfilemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."...

cPanel 11.21 - wwwact Privilege Escalation

cPanel 11.21 - wwwact Privilege Escalation source: https://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the...

cPanel 11.21 - &#039;wwwact&#039; Privilege Escalation

source: https://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the affected application and execute malicious PHP...

CVE-2008-2296

PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter...

CVE-2008-2284

PHP remote file inclusion vulnerability in fusebox5.php in Fusebox 5.5.1 allows remote attackers to execute arbitrary PHP code via a URL in the FUSEBOXAPPLICATIONPATH parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...