7203 matches found
CVE-2007-3587
MyCMS 0.9.8 and earlier allows remote attackers to gain privileges via the admin cookie parameter, as demonstrated by a post to admin/settings.php that injects PHP code into settings.inc, which can then be executed via a direct request to index.php...
MyCMS <= 0.9.8 Remote Command Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo " MyCMS = 0.9.8 Remote Command Execution Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love "; if $argc3 echo "Usage: php ".$argv0." Host...
CVE-2007-3544
Unrestricted file upload vulnerability in 1 wp-app.php and 2 app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wppostmeta table and the use of custom fields in normal...
CVE-2007-3543
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the wpattachedfile metadata field; and then sending this file's content, alo...
Unrestricted file upload
Unrestricted file upload vulnerability in 1 wp-app.php and 2 app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wppostmeta table and the use of custom fields in normal...
CVE-2007-3543
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the wpattachedfile metadata field; and then sending this file's content, alo...
Unrestricted file upload
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the wpattachedfile metadata field; and then sending this file's content, alo...
CVE-2007-3543
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the wpattachedfile metadata field; and then sending this file's content, alo...
CVE-2007-3544
Unrestricted file upload vulnerability in 1 wp-app.php and 2 app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wppostmeta table and the use of custom fields in normal...
CVE-2007-3543
Unrestricted file upload vulnerability in WordPress before 2.2.1 and WordPress MU before 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code by making a post that specifies a .php filename in the wpattachedfile metadata field; and then sending this file's content, alo...
CVE-2007-3544
Unrestricted file upload vulnerability in 1 wp-app.php and 2 app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wppostmeta table and the use of custom fields in normal...
CVE-2007-3544
CVE-2007-3544 describes an unrestricted file upload in WordPress 2.2.1 and WordPress MU 1.2.3 affecting (1) wp-app.php and (2) app.php. The issue allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, with possible linkage to the wp_postmeta table and ...
CVE-2007-3543
CVE-2007-3543 involves an Unrestricted file upload vulnerability in WordPress up to version 2.2.1 and WordPress MU up to 1.2.3. The flaw allows a remote authenticated user to upload and execute arbitrary PHP code by creating a post with a .php filename in the _wp_attached_file metadata field and ...
WordPress <= 2.2.1 - Arbitrary File Upload
This vulnerability is in wp-app.php and app.php. It allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors. Solution Upgrade to latest version of WordPress...
MyCMS 0.9.8 - Remote Command Execution (1)
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $cont=0; $result.="\r\n";...
MyCMS 0.9.8 - Remote Command Execution (1)
MyCMS 0.9.8 - Remote Command Execution 1 !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;...
MyCMS 0.9.8 - Remote Command Execution (2)
!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argcNo new score set"; elseif $score $data $file1 = "snakescore.txt"; $file2 = "snakesetby.txt"; $file1h = fopen$file1, 'w' or die"can't open file"; $file2h = fopen$file2, 'w' or die"can't open file"...
Unrestricted file upload
Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...
Remote file inclusion
PHP remote file inclusion vulnerability in cal.func.php in Valerio Capello Dagger - The Cutting Edge r23jan2007 allows remote attackers to execute arbitrary PHP code via a URL in the diredgelang parameter...
CVE-2007-3432
Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...