7195 matches found
Remote Code Execution in artmedic Newsletter 4.1 [log.php]
I found a bug in artmedic Newsletter 4.1, probably even in newer versions, which lets an attacker run arbitrary PHP code and bypass the password protection. The reason for this is a mistake in design. log.php: <?php $time = time(); $date = date("d.m.Y, H:i:s"); $remote = getenv("REMOTE_ADDR"); $ip =...
XOOPS xoopsConfig Parameter Variable Overwrite Local File Inclusion
The version of XOOPS installed on the remote host allows an unauthenticated attacker to skip processing of the application's 'include/common.php' script and thereby to gain control of the variables '$xoopsConfig[language]' and '$xoopsConfig[theme_set]', which are used by various scripts to include PHP...
XOOPS < 2.0.9.4 include/common.php nocommon Parameter Local File Inclusion
Binary data 3629.prm...
CVE-2005-1755
PHP remote file inclusion vulnerability in pollvote.php in PHP Poll Creator 1.01 allows remote attackers to execute arbitrary PHP code via the relativerpfad parameter...
Fusion News v.1.0 (fil_config) Remote File Inclusion Exploit
No description provided by source. #!/usr/bin/perl use IO::Socket; Exploit coded by: X0r1 Bug found by: X0r1 release: 21.05.06 vulnerable code in sources\post.php at lines 32-35: ... global $VARS, $TEMPLATE, $fillan...
CVE-2006-2479
The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site...
Design/Logic Flaw
The Update functionality in Bitrix Site Manager 4.1.x does not verify the authenticity of downloaded updates, which allows remote attackers to obtain sensitive information and ultimately execute arbitrary PHP code via DNS cache poisoning that redirects the user to a malicious site...
Artmedic NewsLetter 4.1 - 'Log.php' Remote Script Execution
source: https://www.securityfocus.com/bid/18047/info Artmedic Newsletter is prone to a remote PHP code-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to create files containing arbitrary conte...
[SA20156] ScozNews "CONFIG[main_path]" File Inclusion Vulnerabilities
TITLE: ScozNews "CONFIG[main_path]" File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA20156 VERIFY ADVISORY: http://secunia.com/advisories/20156/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: ScozNews 1.x http://secunia.com/product/10016/ DESCRIPTION: Kacper has...
Remote file inclusion
PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManagerPath parameter to ezusermanagerpwdforgott.php, possibly due to an issue in ezusermanagercore.inc.php...
Squirrelcart cart_content.php cart_isp_root Parameter Remote File Inclusion
The remote host is running Squirrelcart, a shopping cart program written in PHP. The version of Squirrelcart installed on the remote host fails to sanitize user-supplied input to the 'cart_isp_root' parameter of the 'cart_content.php' script before using it to include PHP code. Provided PHP's...
Newsportal: code injection vulnerability
Hello, there is a code injection vulnerability in NewsPortal that could give everyone the ability to execute php code on the webserver where newsportal is installed. This bug should only occur if "register_globals=on" is set in the php.ini. To remove the problem: - install the recent version:...
Remote file inclusion
PHP remote file inclusion vulnerability in resources/includes/popp.config.loader.inc.php in PopSoft Digital PopPhoto Studio 3.5.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter (cfg['popphoto_base_path'] variable). NOTE: Pixaria has notified CVE...
[SA20115] Php Blue Dragon CMS "vsDragonRootPath" File Inclusion
TITLE: Php Blue Dragon CMS "vsDragonRootPath" File Inclusion SECUNIA ADVISORY ID: SA20115 VERIFY ADVISORY: http://secunia.com/advisories/20115/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: Php Blue Dragon CMS 2.x http://secunia.com/product/9942/ DESCRIPTION: Kacper...
[SA20087] PopPhoto "cfg[popphoto_base_path]" File Inclusion Vulnerability
TITLE: PopPhoto "cfg[popphoto_base_path]" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA20087 VERIFY ADVISORY: http://secunia.com/advisories/20087/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: PopPhoto 3.x http://secunia.com/product/9926/ DESCRIPTION: VietMafia h...
ACal embed/day.php path Parameter Remote File Inclusion
The remote host is running ACal, an open source, web-based event calendar written in PHP. The version of ACal installed on the remote host fails to sanitize user-supplied input to the 'path' parameter of the 'embed/day.php' script before using it in PHP 'include' functions. Provided PHP's...
Pixaria PopPhoto 3.5.4 - CFG[popphoto_base_path] Remote File Inclusion
Pixaria PopPhoto 3.5.4 - CFG[popphoto_base_path] Remote File Inclusion source: https://www.securityfocus.com/bid/17970/info Pixaria PopPhoto is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can...
Pixaria PopPhoto 3.5.4 - 'CFG[popphoto_base_path]' Remote File Inclusion
source: https://www.securityfocus.com/bid/17970/info Pixaria PopPhoto is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...
PHPBB 2.0.20 persistent issues with avatars
PHPBB 2.0.20 multiple issues with avatars: some problems persistently lie in the way it handles remote and uploaded avatars. A remote user can: 1) saturate the server with useless files, because phpBB does not delete the previous one when you upload a new avatar 2) use phpBB installations to launch...