Gallery 1.4 - index.php Remote File Inclusion
source: https://www.securityfocus.com/bid/8814/info It has been reported that Gallery is prone to a remote file include vulnerability in the index.php script file. The problem occurs due to the program failing to verify the location in which it includ...
EMML.txt
Information: Language: PHP. Product: EMML EternalMart Mailing List Manager, Version: 1.32. Product: EMGB EternalMart Guestbook, Version: 1.1...
EternalMart Mailing List Manager 1.32 - Remote File Inclusion
source: https://www.securityfocus.com/bid/8767/info EternalMart Mailing List Manager and Guestbook are prone to remote file-include vulnerabilities. Remote attackers may cause malicious PHP code to run on the webserver. http://target/admin/auth.php?emmladminpath=http://attacker will include the...
CVE-2003-0559
mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAINPATH parameter to reference a URL on a remote web server that contains the code...
BBCode XSS in XOOPS CMS
Information: Language: PHP; Bugged Versions: 1.3.x and less + 2.0.x and less ? not checked; Safe Version: 2.0.3; Website: http://www.xoops.org; Problem: BBcode XSS. PHP Code/Location: This hole can be used in modules: Private Messages, News, NewBB forum...
PUPET-simpnews.txt
Original file name: PUPET-simpnews.txt; Release date: July 15, 2003. Information: Advisory Name: Simpnews include file Vulnerability; Author: PUPET; Discovered by: PUPET; Vendor website: http://www.boesch-it.de/; Versions: tested on V2.01 - V2.13; Problem: Include file PH...
CVE-2003-1086
PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and 2.2.1 allows remote attackers to execute arbitrary PHP code by modifying the pmpath parameter to reference a URL on a remote web server that contains the code...
Zentrack 2.2/2.3/2.4 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/7843/info A remote file include vulnerability has been reported for Zentrack. Due to insufficient sanitization of some user-supplied variables by the 'index.php' script, it is possible for a remote attacker to include a malicious PHP file in a URL. If the...
Cafelog b2 0.6 - Remote File Inclusion
source: https://www.securityfocus.com/bid/7738/info A remote file include vulnerability has been reported for Cafelog. Due to insufficient sanitization of some user-supplied variables by the 'blogger-2-b2.php' and 'gm-2-b2.php' scripts, it is possible for a...
CVE-2003-0320
header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcmsuseradmin parameter to "1" and modifying the adminroot parameter to point to a URL that contains a Trojan horse header.inc.php script...
CVE-2003-0275
SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code...
miniPortail (PHP) : Admin Access
Information: Language: PHP; Website: http://www.aldweb.com/; Version: 1.9, 2.0, 2.1, 2.2 and less ?; Problem: Admin Access. PHP Code/Location: admin/admin.php :...
truegalerie.txt
Information: Language: PHP; Website: http://www.truelogik.net; Version: 1.0; Problems: Admin Access, File Copy. PHP Code/Location: verifadmin.php, checkadmin.php : "; echo ""; echo...
CVE-2002-1466
CafeLog b2 Weblog Tool 2.06pre4, with allowfopenurl enabled, allows remote attackers to execute arbitrary PHP code via the b2inc variable...
Coppermine Photo Gallery 1.0 - PHP Code Injection
source: https://www.securityfocus.com/bid/7300/info Coppermine Photo Gallery has been reported prone to PHP code injection attacks. Due to a lack of sufficient sanitization performed on user-supplied filenames that are uploaded into the Photo Gallery, an attacker may upload a malicious JPEG. The...
PHPSysInfo 2.0/2.1 - 'index.php' LNG File Disclosure
source: https://www.securityfocus.com/bid/7286/info PHPSysInfo has been reported to be vulnerable to a file disclosure issue. Local users may be capable of influencing the include path for PHPSysinfo language include files. If the malicious language file is symlinked to a web server readable file...
CVE-2002-0451
filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote attackers to execute arbitrary PHP code by specifying the URL to the code in the lib_path parameter...
CVE-2002-0451
PHProjekt 3.1 and 3.1a contain a remote PHP code execution vulnerability in filemanager_forms.php. The issue arises from unsafely handling the lib_path parameter, allowing an attacker to specify a URL to executable code, enabling arbitrary code execution on the affected server. The CVE entry prov...