
7219 matches found

Prion
added 2009/06/18 9:30 p.m., 12 views

Code injection

Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 allows remote attackers to inject arbitrary PHP code via a crafted (1) url and (2) location parameter...

10 CVSS, 7.7 AI score, 0.03749 EPSS
Exploits 0, References 4, Affected Software 1

NVD
added 2009/06/18 9:30 p.m., 19 views

CVE-2009-2111

Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 allows remote attackers to inject arbitrary PHP code via a crafted (1) url and (2) location parameter...

10 CVSS, 7.2 AI score, 0.03749 EPSS
Exploits 0, References 4

CVE
added 2009/06/18 9:0 p.m., 45 views

CVE-2009-2111

CVE-2009-2111 affects DB Top Sites 1.0, with a vulnerability in the file add_reg.php that allows static code injection. A remote attacker can inject arbitrary PHP code by supplying crafted parameters for the (1) url and (2) location, enabling code execution on the affected system. This is docume...

10 CVSS, 7.4 AI score, 0.03749 EPSS
Exploits 0, References 4, Affected Software 1

Cvelist
added 2009/06/18 9:0 p.m., 23 views

CVE-2009-2111

Static code injection vulnerability in add_reg.php in DB Top Sites 1.0 allows remote attackers to inject arbitrary PHP code via a crafted (1) url and (2) location parameter...

7.2 AI score, 0.03749 EPSS
Exploits 0, References 4

seebug.org
added 2009/06/15 12:0 a.m., 48 views

DB Top Sites 1.0 Remote Command Execution Exploit

No description provided by source. About DB Top Sites v1.0 Remote Command Execution Exploit. Script homepage: http://www.jnmsolutions.co.uk/topsites/ Author: SirGod. Thanks to: Nytro. Website: www.mortal-team.org...

7.1 AI score
Exploits 0

OpenVAS
added 2009/06/14 12:0 a.m., 22 views

eliteCMS multiple Vulnerabilities

eliteCMS is prone to a vulnerability that lets attackers upload and execute arbitrary PHP code. The application is also prone to a cross-site scripting issue and to a SQL Injection Vulnerability. These issues occur because the application fails to sufficiently sanitize user-supplied input...

7.5 CVSS, 0.4 AI score, 0.00973 EPSS
Exploits 1, References 3

OpenVAS
added 2009/06/14 12:0 a.m., 28 views

eliteCMS Multiple Vulnerabilities

eliteCMS is prone to a vulnerability that lets attackers upload and execute arbitrary PHP code. The application is also prone to a cross-site scripting issue and to a SQL Injection Vulnerability. These issues occur because the application fails to sufficiently sanitize user-supplied input...

7.5 CVSS, 6.7 AI score, 0.00973 EPSS
Exploits 1, References 3

exploitpack
added 2009/06/09 12:0 a.m., 70 views

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

phpMyAdmin - '/scripts/setup.php' PHP Code Injection. #!/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testin...

7.5 CVSS, 0.3 AI score, 0.95438 EPSS
Exploits 16

Exploit DB
added 2009/06/09 12:0 a.m., 292 views

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

#!/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testing this PoC script and providing feedback! PoC...

9.8 CVSS, 7 AI score, 0.95438 EPSS
Exploits 16

NVD
added 2009/06/05 9:30 p.m., 26 views

CVE-2009-1946

PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the forumspath parameter...

6.8 CVSS, 7.5 AI score, 0.01861 EPSS
Exploits 1, References 4

Cvelist
added 2009/06/05 9:0 p.m., 61 views

CVE-2009-1946

PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the forumspath parameter...

7.5 AI score, 0.01861 EPSS
Exploits 1, References 4

Vulnrichment
added 2009/06/05 6:13 p.m., 7 views

CVE-2009-1936

functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit when it is called directly, which allows remote attackers to bypass a protection mechanism to conduct remote file inclusion and directory traversal attacks, execute arbitrary PHP code, or read arbitrar...

9.8 AI score, 0.42223 EPSS
Exploits 2, References 3

CVE
added 2009/06/05 6:13 p.m., 105 views

CVE-2009-1936

The CVE-2009-1936 entry concerns cpCommerce 1.2.x (possibly including 1.2.9) and related variants. The root cause is in _functions.php: when called directly, a redirect is issued but not exited, allowing bypass of a protection mechanism that enables remote file inclusion and directory traversal v...

9.8 CVSS, 9.7 AI score, 0.42223 EPSS
Exploits 2, References 3, Affected Software 1

Packet Storm
added 2009/06/04 12:0 a.m., 18 views

Movie PHP Script 2.0 Code Execution

Movie PHP Script v2.0 Remote PHP Code Execution. Discovered By SirGod, www.mortal-team.org. Remote PHP Code Execution - Vulnerable code in system/services/init.php: Line 84: @eval(stripslashes($_REQUEST['anticode']));...

0.6 AI score
Exploits 0

myhack58
added 2009/05/29 12:0 a.m., 27 views

DedeCMSV53 arbitrary variable overwrite vulnerability

DedeCMSV53 arbitrary variable overwrite vulnerability See today mrxhming students a articles http://hi.baidu.com/mrxhming/blog/item/8176f00bf540f11795ca6b3f.html find this old BUG hasn't been patched to look like, from the inside of the forum go a pp out of it, everyone is welcome to shoot the...

0.5 AI score
Exploits 0

Packet Storm
added 2009/05/29 12:0 a.m., 25 views

ECShop PHP Code Execution

Securitylab.ir Application Info: Name: ecshop Version: 2.6.2 Website: http://www.ecshop.com Discovered By: Securitylab.ir Website: http://securitylab.ir Contacts: info@securitylabdotir & [email protected] :: integrate.php :: if...

0.2 AI score
Exploits 0

Tenable Nessus
added 2009/05/27 12:0 a.m., 29 views

WP-Lytebox 'pg' Parameter Local File Inclusion

The remote host is running WP-Lytebox, a plugin for WordPress that uses Lytebox to add a lightbox functionality to HTML content. The version of WP-Lytebox installed on the remote host fails to filter user-supplied input to the 'pg' parameter of the 'main.php' script before using it to include PHP...

7.5 CVSS, 6.3 AI score, 0.09083 EPSS
Exploits 1, References 2

OpenVAS
added 2009/05/26 12:0 a.m., 19 views

LimeSurvey Information Disclosure Vulnerability

This host is running LimeSurvey and is prone to Information Disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpodlimesurveyinfodiscvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ LimeSurvey Information Disclosure Vulnerability Authors: Sharath S Copyright: Copyright c 2009 SecPod,...

7.5 CVSS, 6.6 AI score, 0.01826 EPSS
Exploits 0, References 3

OpenVAS
added 2009/05/26 12:0 a.m., 20 views

LimeSurvey < 1.82 Information Disclosure Vulnerability

LimeSurvey is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5 CVSS, 6.2 AI score, 0.01826 EPSS
Exploits 0, References 4

exploitpack
added 2009/05/26 12:0 a.m., 15 views

Dokuwiki 2009-02-14 - Local File Inclusion

Dokuwiki 2009-02-14 - Local File Inclusion. Author: girex. Homepage: girex.altervista.org. CMS: Dokuwiki. Homepage: dokuwiki.org. Affected versions: 2009-02-14 rc2009-02-06 rc2009-01-30. Bug: Local file inclusion. Need: register_globals = On. Vuln description: File: /inc/init.php // if available load a preload...

7.4 AI score
Exploits 0