CVE-2007-2859

Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the pathsimpgb parameter to 1 guestbook.php, 2 search.php, 3 mailer.php, 4 avatars.php, 5 ccode.php, 6 comments.php, 7 emoticons.php, 8 gbdownload.php, and possibl...

CVE-2007-2777

Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/...

Unrestricted file upload

Unrestricted file upload vulnerability in admin/addsptemplate.php in AlstraSoft Template Seller Pro 3.25 and earlier allows remote attackers to execute arbitrary PHP code via an arbitrary .php filename in the zip parameter, which is created under sptemplates/...

CVE-2007-2779

PHP remote file inclusion vulnerability in templatecsv.php in Libstats 1.0.3 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rInfocontent parameter...

CVE-2007-2774

Multiple PHP remote file inclusion vulnerabilities in SunLight CMS 5.3 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter to 1 connect.php or 2 modules/startup.php...

tsp-admin.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path ID password Host: target server ip/hostname Path: path of template ID: A Valid Admin ID usally 1 works for the 'admin' nickname password: The PWD you want ...

efriends-admin.txt

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc 126 $result...

AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo " AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love "; if $argc2 echo "Usage: php...

Alstrasoft Template Seller Pro 3.25 - Admin Password Change

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path ID password Host: target server ip/hostname Path: path of template ID: A Valid Admin ID usally 1 works for the 'admin' nickname password: The PWD you want ...

Alstrasoft Template Seller Pro 3.25 - Admin Password Change

Alstrasoft Template Seller Pro 3.25 - Admin Password Change !/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc4 echo "Usage: php ".$argv0." Host Path ID password Host: target server ip/hostname Path: path of template ID: A Valid Admin ID usally ...

Alstrasoft Live Support 1.21 - Admin Credential Retrieve

!/usr/bin/php -q -d shortopentag=on Thanks to rgod for the php code and Marty for the Love "; if $argc2 echo "Usage: php ".$argv0." Host Path Host: target server ip/hostname Path: path of LiveSupport Example: php ".$argv0." localhost /LiveSupport/ "; die; errorreporting0;...

AlstraSoft Template Seller Pro <= 3.25 Admin Password Change Exploit

Exploit for unknown platform in category web applications ==================================================================== AlstraSoft Template Seller Pro = 3.25 Admin Password Change Exploit ==================================================================== !/usr/bin/php -q -d shortopentag=...

CVE-2007-2762

Multiple PHP remote file inclusion vulnerabilities in Build it Fast bif3 0.4.1 allow remote attackers to execute arbitrary PHP code via a URL in 1 the peardir parameter to Base/Application.php, or the 2 sysdir parameter to a Footer.php, b widget.BifContainer.php, c widget.BifRoot.php, d...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in PHPGlossar 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the formatmenue parameter to 1 admin/inc/changeaction.php or 2 admin/inc/add.php...

CVE-2007-2742

Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as .php.jpg...

Unrestricted file upload

Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as .php.jpg...

CVE-2007-2742

Unrestricted file upload vulnerability in labs.beffa.org w2box 4.0.0 Beta4 allows remote attackers to upload arbitrary PHP code via a filename with a double extension such as .php.jpg...

CVE-2007-2736

PHP remote file inclusion vulnerability in index.php in Achievo 1.1.0 allows remote attackers to execute arbitrary PHP code via a URL in the configatkroot parameter...

CVE-2007-2679

Summary: CVE-2007-2679 is a PHP file inclusion vulnerability in Ivan Peevski gallery 0.3 (Simple PHP Scripts, sPHP). Affected component: index.php; vulnerability arises from using a user-supplied gallery parameter as input to file_exists, enabling inclusion of arbitrary PHP code through UNC or lo...

CVE-2007-2663

PHP remote file inclusion vulnerability in language/1/splash.lang.php in Beacon 0.2.0 allows remote attackers to execute arbitrary PHP code via a URL in the languagePath parameter...