Support Incident Tracker 3.45 - 3.65 RCE Vulnerability

Support Incident Tracker is prone to a remote code execution RCE vulnerability because the application fails to sufficiently sanitize user-supplied input. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

PmWiki Pagelist 'order' Parameter PHP Code Injection Vulnerability

The host is running PmWiki and is prone to PHP code injection vulnerability. OpenVAS Vulnerability Test $Id: secpodpmwikipagelistorderparamphpcodeinjvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ PmWiki Pagelist 'order' Parameter PHP Code Injection Vulnerability Authors: Sooraj KS Copyright:...

PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Vulnerability

------------------------------------------------------------------- PmWiki = 2.2.34 pagelist Remote PHP Code Injection Vulnerability ------------------------------------------------------------------- author...............: Egidio Romano aka EgiX mail.................: n0b0d13satgmaildotcom...

PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (1)

$r 454. if @$PageListSortCmp$o 455. $code .= "$c = $PageListSortCmp$o; "; 456. else 457. $code .= "$c = @strcasecmp$PCache$x'$o',$PCache$y'$o'; "; 458. $code .= "if $c return $r$c;\n"; 459. 460. StopWatch'PageListSort sort'; 461. if $code 462. uasort$list, 463. createfunction'$x,$y',...

PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit

Exploit for php platform in category web applications $r 454. if @$PageListSortCmp$o 455. $code .= "$c = $PageListSortCmp$o; "; 456. else 457. $code .= "$c = @strcasecmp$PCache$x'$o',$PCache$y'$o'; "; 458. $code .= "if $c return $r$c;\n"; 459. 460. StopWatch'PageListSort sort'; 461. if...

Support Incident Tracker (SiT!) Multiple Input Validation Vulnerabilities

Support Incident Tracker SiT! is prone to the following input- validation vulnerabilities: 1. A cross-site scripting vulnerability 2. An SQL-injection vulnerability 3. A PHP code-injection vulnerability 4. A path-disclosure vulnerability 5. An arbitrary-file-upload vulnerability Exploiting these...

FreeWebShop 2.2.9 R2 - &#039;ajax_save_name.php&#039; Remote Code Execution

get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key = $POST'value'; 46. $sessionAction-set$selectedDocum...

Support Incident Tracker (SiT!) <= 3.65 Multiple Vulnerabilities

Support Incident Tracker SiT! is prone to multiple vulnerabilities. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Wordpress Zingiri Plugin &lt;= 2.2.3 (ajax_save_name.php) Remote Code Execution

No description provided by source. ?php / ------------------------------------------------------------------------ Wordpress Zingiri Web Shop Plugin = 2.2.3 Remote Code Execution Exploit ------------------------------------------------------------------------ author...............: Egidio Romano...

WordPress Zingiri 2.2.3 Code Execution

get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key = $POST'value'; 46. $sessionAction-set$selectedDocuments; 47. 48. 49. echo...

phpLDAPadmin &lt;= 1.2.1.1 &#40;query_engine&#41; Remote PHP Code Injection Exploit

phpLDAPadmin = 1.2.1.1 queryengine Remote PHP Code Injection Exploit author...............: EgiX mail.................: n0b0d13satgmaildotcom software link........: http://phpldapadmin.sourceforge.net/ affected versions....: from 1.2.0 to 1.2.1.1 - vulnerable code in /lib/functions.php 1002...

Code injection

Static code injection vulnerability in install.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107config.php via a crafted MySQL server name...

CVE-2011-1513

The CVE-2011-1513 entry concerns e107 CMS prior to 0.7.24 where the installation script is not removed, enabling a remote attacker to inject PHP via a crafted MySQL server name and overwrite e107_config.php. Core Security’s advisory CORE-2011-0810 documents OS command injection with code executio...

phpLDAPadmin orderby Parameter Arbitrary PHP Code Execution

The version of phpLDAPadmin installed on the remote host does not sanitize input to the 'orderby' parameter of the 'cmd.php' script when 'cmd' is set to 'queryengine' before using it in a call to 'createfunction'. An unauthenticated, remote attacker can leverage this issue to execute arbitrary PH...

Code injection

The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter aka sortby variable in a queryengine action to cmd.php, as exploited in the wild in October 2011...

phpAlbum Multiple Security Vulnerabilities

phpAlbum is prone to an arbitrary-file-download vulnerability, multiple cross-site scripting vulnerabilities, and multiple PHP code- injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary script code in the...

phpAlbum Multiple Security Vulnerabilities

phpAlbum is prone to an arbitrary-file-download vulnerability, multiple cross-site scripting vulnerabilities, and multiple PHP code- injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary script code in the...

PHP Photo Album 0.4.1.16 Cross Site Scripting / Disclosure

---------------------------------------------------------------- PHP Photo Album Poc 2 http://localhost/phpAlbum/main.php?cmd=albumnew&keyword=XSS Demo :http://www.iloveazucar.com/phpAlbum/main.php?cmd=albumnew&keyword="onmouseover%3dprompt975554 bad%3d" Demo :http://www.dolfpretorius.com/main.ph...

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- Exploit Title: PHP Photo Album = 0.4.1.16...

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities

---------------------------------------------------------------- PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- Exploit Title: PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities Google Dork:...