CVE-2006-1032

Eval injection vulnerability in the decode function in rpcdecoder.php for phpRPC 0.7 and earlier, as used by runcms, exoops, and possibly other programs, allows remote attackers to execute arbitrary PHP code via the base64 tag...

Limbo CMS <= 1.0.4.2 (ItemID) Remote Code Execution Exploit (meta)

No description provided by source. Title: Limbo CMS version 1.x suffers from a remote code execution vulnerability. Name: limbocms1x.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This is an exploit module for...

Limbo CMS 1.0.4.2 - itemID Remote Code Execution (Metasploit)

Limbo CMS 1.0.4.2 - itemID Remote Code Execution Metasploit Title: Limbo CMS version 1.x suffers from a remote code execution vulnerability. Name: limbocms1x.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This ...

Limbo CMS 1.0.4.2 - 'itemID' Remote Code Execution (Metasploit)

Title: Limbo CMS version 1.x suffers from a remote code execution vulnerability. Name: limbocms1x.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This is an exploit module for the Metasploit Framework, please se...

CVE-2006-1022

PHP remote file include vulnerability in solmenu.php in PeHePe Uyelik Sistemi aka PeHePe MemberShip Management System 3 allows remote attackers to include and execute arbitrary PHP code via a URL in the uyeklasor parameter, along with a misafir parameter that is set to UYESEVIYE...

4Images <= 1.7.1 index.php template Parameter Traversal Local File Inclusion

4Images is installed on the remote system. It is an image gallery management system. The installed application does not validate user-input passed in the 'template' variable of the 'index.php' file. This allows an attacker to execute directory traversal attacks and display the content of sensitiv...

EV0084.txt

New eVuln Advisory: Skate Board Multimple Vulnerabilities http://evuln.com/vulns/84/summary.html --------------------Summary---------------- eVuln ID: EV0084 CVE: CVE-2006-0809 CVE-2006-0810 CVE-2006-0811 Software: Skate Board Sowtware's Web Site: http://bb.jiraiya.se/main.php?content=start...

PHORUM 3.x/5.x - &#039;Common.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/16977/info The PHORUM application is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containin...

PHP-Stats &lt;= 0.1.9.1 remote commands execution

------------- PHP-Stats = 0.1.9.1 remote commands execution ------------------- software: site: http://www.phpstats.net/ description: Open source statistical package for PHP enabled web sites -------------------------------------------------------------------------------- i vulnerable code in...

[eVuln] Skate Board Multimple Vulnerabilities

New eVuln Advisory: Skate Board Multimple Vulnerabilities http://evuln.com/vulns/84/summary.html --------------------Summary---------------- eVuln ID: EV0084 CVE: CVE-2006-0809 CVE-2006-0810 CVE-2006-0811 Software: Skate Board Sowtware's Web Site: http://bb.jiraiya.se/main.php?content=start...

CVE-2006-0957

Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to execute arbitrary PHP code via the 1 X-Forwarded-For and 2 Client-Ip HTTP headers, which are stored in Data/flood.db.php...

LogIT 1.31.4 - Remote File Inclusion

LogIT 1.31.4 - Remote File Inclusion source: https://www.securityfocus.com/bid/16932/info LogIT is prone to a remote file-include vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input. Attackers may specify remotely hosted script files to be execut...

LogIT 1.3/1.4 - Remote File Inclusion

source: https://www.securityfocus.com/bid/16932/info LogIT is prone to a remote file-include vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input. Attackers may specify remotely hosted script files to be executed in the context of the webserver...

CVE-2006-0945

PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL %00 in the index parameter...

Code injection

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php...

CVE-2006-0940

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php...

CVE-2006-0940

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php...

PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection

PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection source: https://www.securityfocus.com/bid/16887/info PEHEPE Membership Management System is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the applicati...

MySQL 5.0.18 - Query Logging Bypass

source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issue allows attackers to bypass the...

CVE-2006-0891

Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow remote attackers to include arbitrary files via .. dot dot sequences and a trailing NULL %00 byte in 1 the SESSION'nocctheme' parameter in a html/footer.php; and 2 the lang and 3 theme parameters and the 4 Accept-Language HTTP...