7221 matches found
PLS-Bannieres 1.21 Bannieres.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20772/info PLS-Bannieres is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicio...
Actionpoll 1.1.1 db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Feed on Feeds <= 0.5 - Remote PHP Code Injection Exploit
No description provided by source. Feed on Feeds <= 0.5 Remote PHP Code Injection Exploit. Author: EgiX. Mail: n0b0d13satgmaildotcom. Software link:...
aWebNews 1.1 listing.php path_to_news Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22781/info aWebNews is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the...
Actionpoll 1.1.1 db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit
No description provided by source. Limbo <= 1.0.4.2L com_contact remote commands execution exploit by rgod. Site: http://retrogod.altervista.org dorks:...
MediaSlash Gallery Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...
WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
No description provided by source. Release date: November 11th, 2009. Discovered by: Dawid Golunski. Severity: Moderately High. I. VULNERABILITY: WordPress <= 2.8.5 Unrestricted...
Coppermine Photo Gallery 1.0 PHP Code Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7300/info Coppermine Photo Gallery has been reported prone to PHP code injection attacks. Due to a lack of sufficient sanitization performed on user-supplied filenames that are uploaded into the Photo Gallery, an attacker...
Yoxel <= 1.23beta (itpm_estimate.php a) Remote Code Execution Vuln
No description provided by source. Discovered by dun \ dunatstrcpy.pl. Yoxel <= 1.23beta PHP code Injection Vulnerability. Script: Yoxel is a hidden gem. This Open Source...
Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution
No description provided by source. Wordpress Plugin WP-Syntax <= 0.9.1 Remote Command Execution...
CMS Made Simple 0.10 Lang.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14709/info CMS Made Simple is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may exploit this issue to execute arbitra...
Bitweaver <= 2.6 saveFeed() Remote Code Execution Exploit
No description provided by source. Bitweaver <= 2.6 /boards/boardsrss.php saveFeed remote code execution exploit by Nine:Situations:Group::bookoo. php.ini independent. Site: http://retrogod.altervista.org/ Software site: http://www.bitweaver.org/ You need a user account and you need to...
Serendipity <= 1.0.3 (comment.php) Local File Include Exploit
No description provided by source.
Mambo Open Source 4.5/4.6 mod_mainmenu.php Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9445/info It has been reported that Mambo Open Source may be prone to a remote file include vulnerability that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a...
VWar 1.5 joinus.php vwar_root Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...
VWar 1.5 stats.php vwar_root Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...
Pearl Forums 2.4 - Multiple Remote File Include Vulnerabilities
No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register import re class TestPOCPOCBase: vulID = '64261' ssvid version = '1.0' author = 'kikay' vulDate = '2006-11-21' createDate ...
File Thingie 2.5.5 - File Security Bypass
No description provided by source. Title: File Thingie v2.5.5 File Security Bypass Author: Jeremiah Talamantes RedTeam Security Website: http://www.redteamsecure.com/labs Date: 5/15/2010 Application: File Thingie Version: 2.5.5 Link: http://www.solitude.dk/filethingie/download Description: There...
Xcms 1.1/1.7 Password Parameter Arbitrary PHP Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25771/info Xcms is prone to a vulnerability that lets attackers execute arbitrary PHP code because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary...