
7203 matches found

exploitpack
added 2007/07/30 12:0 a.m., 23 views

Global Centre Aplomb Poll 1.1 - index.php?Madoa Remote File Inclusion

Global Centre Aplomb Poll 1.1 - index.php?Madoa Remote File Inclusion source: https://www.securityfocus.com/bid/25138/info Aplomb Poll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...

Exploits: 0

exploitpack
added 2007/07/30 12:0 a.m., 22 views

Global Centre Aplomb Poll 1.1 - admin.php?Madoa Remote File Inclusion

Global Centre Aplomb Poll 1.1 - admin.php?Madoa Remote File Inclusion source: https://www.securityfocus.com/bid/25138/info Aplomb Poll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these...

Exploits: 0

Exploit DB
added 2007/07/30 12:0 a.m., 34 views

Global Centre Aplomb Poll 1.1 - 'index.php?Madoa' Remote File Inclusion

source: https://www.securityfocus.com/bid/25138/info Aplomb Poll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code...

AI score 7.4
Exploits: 0

Tenable Nessus
added 2007/07/28 12:0 a.m., 16 views

RaidenHTTPD workspace.php ulang Parameter Local File Inclusion

Binary data 5103.prm...

CVSS 10, AI score 7.3, EPSS 0.20259
Exploits: 1, References: 4

Prion
added 2007/07/26 7:30 p.m., 20 views

Design/Logic Flaw

epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information...

CVSS 6.8, AI score 8.2, EPSS 0.00823
Exploits: 0, References: 4, Affected Software: 1

NVD
added 2007/07/26 7:30 p.m., 10 views

CVE-2007-4026

epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information...

CVSS 6.8, AI score 7.7, EPSS 0.00823
Exploits: 0, References: 4

Cvelist
added 2007/07/26 7:0 p.m., 17 views

CVE-2007-4026

epesi framework before 0.8.6 does not properly verify file extensions, which allows remote attackers to upload and execute arbitrary PHP code via unspecified vectors involving the gallery images upload feature. NOTE: some of these details are obtained from third party information...

AI score 7.7, EPSS 0.00823
Exploits: 0, References: 4

NVD
added 2007/07/26 12:30 a.m., 8 views

CVE-2007-4009

PHP remote file inclusion vulnerability in admin/businessinc/saveserver.php in SWSoft Confixx Pro 2.0.12 through 3.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the thisdir parameter...

CVSS 9.3, AI score 7.5, EPSS 0.13068
Exploits: 1, References: 7

Cvelist
added 2007/07/26 12:0 a.m., 16 views

CVE-2007-4007

PHP remote file inclusion vulnerability in index.php in Article Directory Article Site Directory allows remote attackers to execute arbitrary PHP code via a URL in the page parameter...

AI score 7.5, EPSS 0.03941
Exploits: 1, References: 5

NVD
added 2007/07/25 5:30 p.m., 13 views

CVE-2007-3980

PHP remote file inclusion vulnerability in page.php in RCMS Pro RGameScript Pro allows remote attackers to execute arbitrary PHP code via a URL in the id parameter...

CVSS 10, AI score 7.5, EPSS 0.04373
Exploits: 0, References: 5

NVD
added 2007/07/21 12:30 a.m., 11 views

CVE-2007-3934

PHP remote file inclusion vulnerability in postscript/postscript.php in BBS E-Market allows remote attackers to execute arbitrary PHP code via a URL in the pmode parameter...

CVSS 7.5, AI score 7.5, EPSS 0.08969
Exploits: 0, References: 7

NVD
added 2007/07/21 12:30 a.m., 14 views

CVE-2007-3932

uploadimg.php in the Expose RC35 and earlier com_expose component for Joomla! sends an error message but does not exit when it detects an attempt to upload a non-JPEG file, which allows remote attackers to upload and execute arbitrary PHP code in the img/ folder...

CVSS 7.5, AI score 7.5, EPSS 0.05282
Exploits: 0, References: 5

CVE
added 2007/07/21 12:0 a.m., 70 views

CVE-2007-3932

CVE-2007-3932 affects the Joomla! Expose component (RC35 and earlier, com_expose) via uploadimg.php. The code fails to exit after detecting non‑JPEG uploads, enabling an unauthenticated attacker to upload and execute arbitrary PHP in the img/ folder (remote code execution). This is supported by t...

CVSS 7.5, AI score 7.5, EPSS 0.05282
Exploits: 0, References: 5, Affected Software: 1

Cvelist
added 2007/07/21 12:0 a.m., 17 views

CVE-2007-3932

uploadimg.php in the Expose RC35 and earlier com_expose component for Joomla! sends an error message but does not exit when it detects an attempt to upload a non-JPEG file, which allows remote attackers to upload and execute arbitrary PHP code in the img/ folder...

AI score 7.5, EPSS 0.05282
Exploits: 0, References: 5

Tenable Nessus
added 2007/07/19 12:0 a.m., 62 views

Expose for Joomla! File Upload RCE

The Expose component for Joomla!, a third-party component for Flash galleries, running on the remote host is affected by a remote code execution vulnerability within the com_expose/uploadimg.php script due to improper sanitization or verification of uploaded files before placing them in a...

CVSS 7.5, AI score 6.3, EPSS 0.05282
Exploits: 0, References: 2

NVD
added 2007/07/17 12:30 a.m., 10 views

CVE-2007-3813

PHP remote file inclusion vulnerability in include/user.php in the NoBoard BETA module for MKPortal allows remote attackers to execute arbitrary PHP code via a URL in the MKPATH parameter...

CVSS 4.3, AI score 7.6, EPSS 0.2478
Exploits: 1, References: 3

Packet Storm
added 2007/07/07 12:0 a.m., 24 views

mycms098-exec.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n";...

AI score 7.4
Exploits: 0

Packet Storm
added 2007/07/07 12:0 a.m., 38 views

mycms-exec.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or die"can't open file"...

AI score 7.4
Exploits: 0

Prion
added 2007/07/05 8:30 p.m., 8 views

Code injection

Multiple direct static code injection vulnerabilities in MyCMS 0.9.8 and earlier allow remote attackers to inject arbitrary PHP code into (1) a score.txt file via the score parameter, or (2) a setby.txt file via a login cookie, which is then included by games.php. NOTE: programs that use games.php...

CVSS 7.5, AI score 8, EPSS 0.05782
Exploits: 1, References: 4, Affected Software: 1

CVE
added 2007/07/05 8:0 p.m., 40 views

CVE-2007-3587

CVE-2007-3587 affects MyCMS 0.9.8 and earlier. The vulnerability allows remote attackers to gain privileges by exploiting the admin cookie parameter, demonstrated via a POST to admin/settings.php that injects PHP code into settings.inc, which can then be executed by requesting index.php. This des...

CVSS 7.5, AI score 7.2, EPSS 0.11165
Exploits: 1, References: 6, Affected Software: 1