PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit

No description provided by source. ?php / ------------------------------------------------------------- PmWiki = 2.2.34 pagelist Remote PHP Code Injection Exploit ------------------------------------------------------------- author...............: Egidio Romano aka EgiX mail.................:...

Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution

No description provided by source. ?php / ---------------------------------------------------------------- Invision Power Board = 3.3.4 unserialize PHP Code Execution ---------------------------------------------------------------- author..............: Egidio Romano aka EgiX mail...................

Monalbum 0.8.7 - Remote Code Execution Exploit

No description provided by source. ?php / \|/// \ - - // @ @ ----oOOo---oOOo--------------------------------------------------- Y! Underground Group [email protected] Dj7xpl.2600.ir ----ooooO-----Ooooo-------------------------------------------------- \ / \ /...

Magic News Plus 1.0.2 n_layouts.php link_parameters Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22661/info Magic News Pro is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These issues include a remote file-include issue and two cross-site...

KC Wiki 1.0 - minimal/wiki.php page Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/28074/info KC Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

KC Wiki 1.0 - simplest/wiki.php page Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/28074/info KC Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

CedStat 1.31 index.php hier Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/22588/info CedStat is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code in the context of the...

OpenNetAdmin 13.03.01 - Remote Code Execution

No description provided by source. Exploit Title: OpenNetAdmin Remote Code Execution Date: 03/04/13 Exploit Author: Mandat0ry aka Matthew Bryant Vendor Homepage: http://opennetadmin.com/ Software Link: http://opennetadmin.com/download.html Version: 13.03.01 Tested on: Ubuntu CVE : No CVE exists -...

Plantilla list_main_pages.php nfolder Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/22669/info Simple Plantilla PHP is prone to multiple input-validation issues, including a local file-include vulnerability and an arbitrary file-upload vulnerability. Attackers can exploit the local file-include...

phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit

No description provided by source. ?php / ------------------------------------------------------------------------ phpLDAPadmin = 1.2.1.1 queryengine Remote PHP Code Injection Exploit ------------------------------------------------------------------------ author...............: EgiX...

Adaptive Website Framework 1.11 Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18386/info Adaptive Website Framework is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...

AlstraSoft Live Support 1.21 - Admin Credential Retrieve Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo AlstraSoft Live Support v1.21 Admin Credential Retrieve Exploit by BlackHawk [email protected] http://itablackhawk.altervista.org Thanks to rgod for the php code and Marty for the Love ; if $argc2 echo Usage: php...

Dotproject 2.0 /includes/session.php baseDir Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

IDevSpot PHPHostBot 1.0 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19084/info PHPHostBot is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

Boonex 2.0 Dolphin Index.php Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21182/info Dolphin is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to have malicious PHP code execute in the context of the...

JD-WordPress 2.0-1.0 RC 2 for Joomla wp-comments-post.php Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19209/info JD-WordPress for Joomla is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...

MetInfo 3.0 PHP Code Injection Vulnerability

No description provided by source...

TikiWiki jhot Remote Command Execution

No description provided by source. $Id: tikiwikijhotexec.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...

Wordpress W3 Total Cache PHP Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18479/info dotWidget for Articles is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issu...