ShoutPro 1.5.2 - 'shout.php' Remote Code Injection

?php echo "\n"; echo " Special Greetings To - Timq,Warpboy,The-Maggot \n"; echo "\n\n\n"; //Writes Files - Under 100 bytes to meet requirements $temppayload = "%3C%3F%24a%3D...

ShoutPro 1.5.2 - shout.php Remote Code Injection

ShoutPro 1.5.2 - shout.php Remote Code Injection ?php echo "\n"; echo " Special Greetings To - Timq,Warpboy,The-Maggot \n"; echo "\n\n\n"; //Writes Files - Under 100 bytes to meet requirements $temppayload = "...

LS simple guestbook - arbitrary code execution

Special Greetings To - Timq,Warpboy,The-Maggot File: index.php Affects: LS simple guestbook v1 Date: 15th April 2007 Issue Description: =========================================================================== LS simple guestbook fails to sanitize user input that it writes to the posts.txt file...

LS Simple Guestbook 1.0 - Remote Code Execution

LS Simple Guestbook 1.0 - Remote Code Execution Special Greetings To - Timq,Warpboy,The-Maggot File: index.php Affects: LS simple guestbook v1 Date: 15th April 2007 Issue Description: =========================================================================== LS simple guestbook fails to sanitize...

LS simple guestbook (v1) Remote Code Execution Vulnerability

Exploit for unknown platform in category web applications ============================================================ LS simple guestbook v1 Remote Code Execution Vulnerability ============================================================ Special Greetings To - Timq,Warpboy,The-Maggot File:...

LS Simple Guestbook 1.0 - Remote Code Execution

Special Greetings To - Timq,Warpboy,The-Maggot File: index.php Affects: LS simple guestbook v1 Date: 15th April 2007 Issue Description: =========================================================================== LS simple guestbook fails to sanitize user input that it writes to the posts.txt file...

CVE-2006-7193

PHP remote file inclusion vulnerability in unittest/testcases.php in Smarty 2.6.1 allows remote attackers to execute arbitrary PHP code via a URL in the SMARTYDIR parameter. NOTE: this issue is disputed by CVE and a third party because SMARTYDIR is a constant...

CVE-2007-1998

Direct static code injection vulnerability in HIOX Guest Book HGB 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php...

CVE-2007-2005

Multiple PHP remote file inclusion vulnerabilities in the Taskhopper 1.1 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 contacttype.php, 2 itemstatustype.php, 3 projectstatustype.php, 4 requesttype.php, 5...

Authorization

InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect...

Design/Logic Flaw

InoutMailingListManager 3.1 and earlier allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by setting an arbitrary admin cookie...

CVE-2007-2015

PHP remote file inclusion vulnerability in index.php in Request It 1.0b allows remote attackers to execute arbitrary PHP code via a URL in the id parameter...

Code injection

Direct static code injection vulnerability in HIOX Guest Book HGB 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php...

CVE-2007-2003

InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect...

CVE-2007-1998

Direct static code injection vulnerability in HIOX Guest Book HGB 4.0 allows remote attackers to inject arbitrary PHP code via the Email field, which results in code execution through a direct request to gb.php...

CVE-2007-1992

Multiple PHP remote file inclusion vulnerabilities in the comzoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 EXIFMakernote.php or 2 EXIF.php in classes/iptc/...

Remote file inclusion

PHP remote file inclusion vulnerability in codebreak.php in CodeBreak, probably 1.1.2 and earlier, allows remote attackers to execute arbitrary PHP code via a URL in the processmethod parameter...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in the comzoom 2.5 beta 2 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to 1 EXIFMakernote.php or 2 EXIF.php in classes/iptc/...

CVE-2007-1982

Multiple PHP remote file inclusion vulnerabilities in Really Simple PHP and Ajax RSPA 2007-03-23 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the 1 IncludeFilePHPClass, 2 ClassPath, and 3 class parameters to a rspa/framework/Controllerv5.php, and b...

CVE-2007-1975

Multiple PHP remote file inclusion vulnerabilities in SLAED CMS 2 allow remote attackers to execute arbitrary PHP code via a URL in the 1 path parameter to admin/admin.php or the 2 modpath parameter to index.php...