
7221 matches found

The Hacker News
added 2016/07/13 2:32 a.m., 13 views

Several Critical Remotely Exploitable Flaws Found in Drupal Modules, patch ASAP!

The extraordinary 'Panama Papers leak' from Law firm Mossack Fonseca that exposed the tax-avoiding efforts by the world's richest and most influential members was initially believed to be the result of an unpatched vulnerability in the popular content management systems: Drupal and WordPress. Now...

AI score: 8.3
Exploits: 0

Packet Storm
added 2016/07/12 12:0 a.m., 21 views

WordPress Easy Forms For MailChimp 6.0.5.5 Local File Inclusion

Easy Forms for MailChimp Local File Inclusion vulnerability. Yorick Koster, July 2016...

AI score: 7.4
Exploits: 0

exploitpack
added 2016/07/11 12:0 a.m., 232 views

IPS Community Suite 4.1.12.3 - PHP Code Injection

IPS Community Suite 4.1.12.3 - PHP Code Injection. IPS Community Suite contentclass ; 39. 40. if ! classexists $class or ! inarray 'IPS\Content', classparents $class 41. 42. \IPS\Output::i-error 'nodeerror', '2S226/2', 404...

CVSS: 6.8, AI score: 0.2, EPSS: 0.12288
Exploits: 7

OpenVAS
added 2016/07/08 12:0 a.m., 37 views

SugarCRM PHP Object Injection Vulnerability (Jun 2016)

SugarCRM is prone to a PHP injection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:sugarcrm:sugarcrm";...

CVSS: 9.3, AI score: 6.8, EPSS: 0.02971
Exploits: 0, References: 4

OpenVAS
added 2016/07/08 12:0 a.m., 11 views

SugarCRM <= 6.5.18 Multiple Vulnerabilities

SugarCRM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:sugarcrm:sugarcrm"; if description...

AI score: 7.3
Exploits: 0, References: 3

Packet Storm
added 2016/07/07 12:0 a.m., 124 views

IPS Community Suite 4.1.12.3 PHP Code Injection

IPS Community Suite contentclass ; 39. 40. if ! classexists $class or ! inarray 'IPS\Content', classparents $class 41. 42. \IPS\Output::i-error 'nodeerror', '2S226/2', 404, '' ; 43. User input passed through the...

CVSS: 6.8, AI score: 0.2, EPSS: 0.12288
Exploits: 7

OpenVAS
added 2016/07/05 12:0 a.m., 658 views

phpLiteAdmin PHP Code Injection Vulnerability

phpLiteAdmin is prone to a PHP code injection vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE =...

AI score: 7.8
Exploits: 0, References: 1

0day.today
added 2016/07/04 12:0 a.m., 141 views

WebCalendar 1.2.7 - Multiple Vulnerabilities

Exploit for php platform in category web applications. Credits: John Page aka HYP3RLINX; ISR: ApparitionSec; Vendor: www.k5n.us/webcalendar.php; Product: WebCalendar v1.2.7. WebCalendar is a PHP-based calendar application that can be configured as a...

AI score: 7.1
Exploits: 0

Prion
added 2016/07/03 1:59 a.m., 20 views

Design/Logic Flaw

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

CVSS: 7.5, AI score: 7.8, EPSS: 0.81373
Exploits: 8, References: 6, Affected Software: 1

UbuntuCve
added 2016/07/03 1:59 a.m., 47 views

CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

CVSS: 9.8, AI score: 7.4, EPSS: 0.81373
Exploits: 8, References: 2

exploitpack
added 2016/06/27 12:0 a.m., 36 views

Riverbed SteelCentral NetProfiler NetExpress 10.8.7 - Multiple Vulnerabilities

Riverbed SteelCentral NetProfiler & NetExpress Multiple Vulnerabilities...

AI score: 0.9
Exploits: 0

exploitpack
added 2016/06/27 12:0 a.m., 15 views

SugarCRM 6.5.18 - PHP Code Injection

SugarCRM 6.5.18 - PHP Code Injection. SugarCRM $val 104. $str.= overridevaluetostringrecursive2$newArrayName, $key, $val, $saveempty; 105. 106. return $str; 107. else 108. if!$saveempty && empty$value 109. return; 110. else 111. return...

AI score: 8
Exploits: 0

Exploit DB
added 2016/06/27 12:0 a.m., 51 views

My Little Forum 2.3.5 - PHP Command Injection

Credits: hyp3rlinx; Website: hyp3rlinx.altervista.org; Source: http://hyp3rlinx.altervista.org/advisories/MYLITTLEFORUM-PHP-CMD-EXECUTION.txt; ISR: APPARITIONSEC; Vendor: mylittleforum.net; Download: github.com/ilosuna/mylittleforum/releases/tag/v2.3.5; Product:...

AI score: 7.4
Exploits: 0

Packet Storm
added 2016/06/24 12:0 a.m., 22 views

SugarCRM 6.5.18 PHP Code Injection

SugarCRM $val 104. $str.= overridevaluetostringrecursive2$newArrayName, $key, $val, $saveempty; 105. 106. return $str; 107. else 108. if!$saveempty && empty$value 109. return; 110. else 111. return "$$arrayname" . "'$valuename' = "...

AI score: 7.4
Exploits: 0

exploitpack
added 2016/06/20 12:0 a.m., 13 views

Airia - Arbitrary File Upload

Airia - Arbitrary File Upload Exploit Title: Airia - Webshell Upload Vulnerability Date: 2016-06-20 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: http://ytyng.com Software Link: https://github.com/ytyng/airia/archive/master.zip Version: Latest commit Tested on: Debia...

AI score: 0.8
Exploits: 0

Exploit DB
added 2016/06/17 12:0 a.m., 30 views

phpATM 1.32 - Multiple Vulnerabilities

Exploit Title : "phpATM = 1.32 Multiple CSRF Vulnerabilities & Full Path Disclosure Vulnerability" Date : 17/06/2016 Author : Paolo Massenio - pmassenioATgmail Vendor : phpATM - http://phpatm.org/ Version : = 1.32 Tested on : Windows 10 with XAMPP 1 CSRF in configure.php phpATM lets the...

AI score: 7.4
Exploits: 0

exploitpack
added 2016/06/15 12:0 a.m., 26 views

Bomgar Remote Support - Code Execution (Metasploit)

Bomgar Remote Support - Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This...

CVSS: 7.5, AI score: 7.1, EPSS: 0.05869
Exploits: 4

Packet Storm
added 2016/06/15 12:0 a.m., 48 views

Bomgar Remote Support Unauthenticated Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This module exploits a vulnerability in the Bomgar Remote...

CVSS: 7.5, AI score: 0.1, EPSS: 0.05869
Exploits: 4

CNVD
added 2016/06/08 12:0 a.m., 2 views

Design Logic Vulnerabilities in FineCMS Backend Template Management

FineCMS is a web content management system developed by Chengdu Tianrui Information Technology Company Limited based on CI framework. There is a design flaw in the Edit Template Files feature in the Template Management of the FineCMS administration backend that does not check the extensions of th...

AI score: 7.1
Exploits: 0

NVD
added 2016/06/07 2:6 p.m., 19 views

CVE-2015-5723

Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...

CVSS: 7.8, AI score: 7.8, EPSS: 0.00384
Exploits: 0, References: 5