
7219 matches found

CVE
added 2014/03/20 7:0 p.m. | 42 views

CVE-2011-5273

CVE-2011-5273 : Domain Technologie Control (DTC) before 0.34.1 has a directory traversal flaw in the shared/package-installer component. An authenticated remote user can craft a problematic pkg parameter in a do_install action to dtc/ to trigger arbitrary PHP code execution. Root cause is imprope...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.01484
Exploits: 0 | References: 3 | Affected Software: 1
NVD
added 2014/03/14 4:55 p.m. | 23 views

CVE-2013-2089

Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted file, then accessing it via a direct request to the file in /data...

CVSS: 4.6 | AI score: 7 | EPSS: 0.01262
Exploits: 0 | References: 1
UbuntuCve
added 2014/03/14 4:55 p.m. | 21 views

CVE-2013-2089

Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted file, then accessing it via a direct request to the file in /data...

CVSS: 4.6 | AI score: 6.1 | EPSS: 0.01262
Exploits: 0 | References: 2
Cvelist
added 2014/03/14 4:0 p.m. | 31 views

CVE-2013-1850

Multiple incomplete blacklist vulnerabilities in (1) import.php and (2) ajax/uploadimport.php in apps/contacts/ in ownCloud before 4.0.13 and 4.5.x before 4.5.8 allow remote authenticated users to execute arbitrary PHP code by uploading a .htaccess file...

AI score: 7.3 | EPSS: 0.01193
Exploits: 0 | References: 1
Cvelist
added 2014/03/14 4:0 p.m. | 26 views

CVE-2013-2089

Incomplete blacklist vulnerability in ownCloud before 5.0.6 allows remote authenticated users to execute arbitrary PHP code by uploading a crafted file, then accessing it via a direct request to the file in /data...

AI score: 7 | EPSS: 0.01262
Exploits: 0 | References: 1
myhack58
added 2014/03/10 12:0 a.m. | 300 views

Discuz! X3.1 Background to arbitrary code execution can take shell - vulnerability warning - the black bar safety net

I saw someone ask how to get a shell in the Discuz! X3.1 background, so I downloaded it to take a look. Someone said before that HTML generation can be used to get a shell; in the version I downloaded from the official website yesterday, I found that the static file extensions are limited to htm/html. If the server does not have a parsing vulnerability...

AI score: 1
Exploits: 0
NVD
added 2014/03/02 5:55 p.m. | 21 views

CVE-2014-2088

Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an uploadfiles action to the uploadFiles command, and then accessing the .php file via a direct request to a certain clientid pathname...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.0269
Exploits: 1 | References: 1
NVD
added 2014/03/02 5:55 p.m. | 21 views

CVE-2014-2089

ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain clientid pathname...

CVSS: 6.8 | AI score: 7.6 | EPSS: 0.02626
Exploits: 1 | References: 1
ATTACKERKB
added 2014/03/02 5:55 p.m. | 3 views

CVE-2014-2088

Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an uploadfiles action to the uploadFiles command, and then accessing the .php file via a direct request to a certain clientid pathname...

CVSS: 6.5 | AI score: 6.2 | EPSS: 0.0269
Exploits: 1 | References: 2
Prion
added 2014/03/02 5:55 p.m. | 24 views

Unrestricted file upload

Unrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an uploadfiles action to the uploadFiles command, and then accessing the .php file via a direct request to a certain clientid pathname...

CVSS: 6.5 | AI score: 7.7 | EPSS: 0.0269
Exploits: 1 | References: 1 | Affected Software: 1
Prion
added 2014/03/02 5:55 p.m. | 21 views

Code injection

ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain clientid pathname...

CVSS: 6.8 | AI score: 8.2 | EPSS: 0.02626
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2014/03/02 5:0 p.m. | 54 views

CVE-2014-2088

Summary : CVE-2014-2088 refers to an unrestricted file upload in ILIAS 4.4.1 (ilias.php) that allows remote authenticated users to execute arbitrary PHP code by uploading a .php filename via the upload_files action to the uploadFiles command and then accessing the uploaded file through a client_i...

CVSS: 6.5 | AI score: 7.5 | EPSS: 0.0269
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2014/03/02 5:0 p.m. | 22 views

CVE-2014-2089

ILIAS 4.4.1 allows remote attackers to execute arbitrary PHP code via an e-mail attachment that leads to creation of a .php file with a certain clientid pathname...

AI score: 7.6 | EPSS: 0.02626
Exploits: 1 | References: 1
Prion
added 2014/02/18 11:55 a.m. | 19 views

Code injection

admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args...

CVSS: 7.5 | AI score: 8 | EPSS: 0.52186
Exploits: 12 | References: 12 | Affected Software: 1
seebug.org
added 2014/02/12 12:0 a.m. | 16 views

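EasyTalk open-source microblog system SQL injection

Brief description: For developers, getting the product's own security right is what really matters, rather than relying on some so-called security products to help with defense! Details: Location: Home/Lib/Action/SpaceAction.class.php Code snippet: //profile get user public function getuser if $this-my'username'==$GET'username' $user=$this-my; else //the $GETusername parameter is not filtered; the $GETusername here is the one in the URL, t.nextsns.com/?username...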

AI score: 7.3
Exploits: 0
seebug.org
added 2014/02/12 12:0 a.m. | 17 views

Kloxo SQL injection and remote code execution vulnerability

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper Ran...

AI score: 7.1
Exploits: 0
0day.today
added 2014/02/11 12:0 a.m. | 20 views

Kloxo SQL Injection / Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting Kloxo, as exploited in the wild on January 2014. The SQL injection issue can be abused in order to retrieve the Kloxo admin cleartext password from the database. With admin access to the web control panel,...

AI score: 9
Exploits: 0
Check Point Advisories
added 2014/02/03 12:0 a.m. | 15 views

Comet WebFileManager CheckUpload.php Language Parameter PHP Code Execution - Ver2 (CVE-2006-4077)

A code execution vulnerability has been reported in Vincenzo Valvano Comet WebFileManager CWFM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 7.5 | EPSS: 0.03175
Exploits: 1
Packet Storm
added 2014/01/31 12:0 a.m. | 31 views

Joomla JomSocial 2.6 Code Execution

!/usr/bin/python Joomla! JomSocial component = 2.6 PHP code execution exploit Authors: - Matias Fontanini - Gaston Traberg This exploit allows the execution of PHP code without any prior authentication on the Joomla! JomSocial component. Note that in order to be able to execute PHP code, both the...

AI score: 0.3
Exploits: 0
Check Point Advisories
added 2014/01/28 12:0 a.m. | 98 views

Boite de News index.php url_index Parameter PHP Code Execution - Ver2 (CVE-2006-4123)

A code execution vulnerability has been reported in Boite de News. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.2 | EPSS: 0.02425
Exploits: 1