CVE-2008-5789

Multiple PHP remote file inclusion vulnerabilities in the Recly Interactive Feederator comfeederator component 1.0.5 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 mosConfigabsolutepath parameter to a addtmsp.php, b edittmsp.php and c tmsp.php in includes/tmsp...

CVE-2008-5790

Multiple PHP remote file inclusion vulnerabilities in the Recly!Competitions comcompetitions component 1.0 for Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the 1 GLOBALSmosConfigabsolutepath parameter to a add.php and b competitions.php in includes/competitions/, and...

Flexcustomer 0.0.6 Administrative Login Bypass

START 0x01 Informations: Script : Flexcustomer Download : http://www.hotscripts.com/jump.php?listingid=25331&jumptype=1 Vulnerability : Admin Login Bypass / Possible PHP code writing Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org 0x02 Bug: Admin Login Bypass Bug:...

Remote file inclusion

PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter...

CVE-2008-5764

PHP remote file inclusion vulnerability in calendar.php in WorkSimple 1.2.1, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the lang parameter...

Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing Vulns

No description provided by source. START 0x01 Informations: Script : Flexcustomer Download : http://www.hotscripts.com/jump.php?listingid=25331&jumptype=1 Vulnerability : Admin Login Bypass / Possible PHP code writing Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org 0x02 Bu...

YourPlace 1.0.2 Command Execution / Database Disclosure

START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo Disclosure / User Change Account Author : Osirys Contact :...

Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing

No description provided by source. START 0x01 Informations: Script : Flexcustomer Download : http://www.hotscripts.com/jump.php?listingid=25331&jumptype=1 Vulnerability : Admin Login Bypass / Possible PHP code writing Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org 0x02 Bu...

ThePortal 2.2 Arbitrary Remote File Upload Exploit

No description provided by source. web apps theportal2 v2.2 Auth bypass file upload -------------------- Author: siurek22 -------------------- You need curl to run it -------------------- Code: -------------------- upload.php ?php $file=$POST'url'; $fel=explode"\n", $file; $ile=count$fel;...

Flexcustomer 0.0.6 - Admin Authentication Bypass Possible PHP Code Writing

Flexcustomer 0.0.6 - Admin Authentication Bypass Possible PHP Code Writing START 0x01 Informations: Script : Flexcustomer Download : http://www.hotscripts.com/jump.php?listingid=25331&jumptype=1 Vulnerability : Admin Login Bypass / Possible PHP code writing Author : Osirys Contact :...

Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing

Exploit for unknown platform in category web applications ================================================================= Flexcustomer 0.0.6 Admin Login Bypass / Possible PHP code writing ================================================================= START 0x01 Informations: Script :...

ThePortal 2.2 - Arbitrary File Upload

web apps theportal2 v2.2 Auth bypass file upload -------------------- Author: siurek22 -------------------- You need curl to run it -------------------- Code: -------------------- upload.php /textarea '; else for$i=0; $i...

Flexcustomer 0.0.6 - Admin Authentication Bypass / Possible PHP Code Writing

START 0x01 Informations: Script : Flexcustomer Download : http://www.hotscripts.com/jump.php?listingid=25331&jumptype=1 Vulnerability : Admin Login Bypass / Possible PHP code writing Author : Osirys Contact : osirysatlivedotit Website : http://osirys.org 0x02 Bug: Admin Login Bypass Bug:...

Gentoo Security Advisory GLSA 200812-20 (phpcollab)

The remote host is missing updates announced in advisory GLSA 200812-20. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200812-20 (phpcollab)

The remote host is missing updates announced in advisory GLSA 200812-20. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-200812-20 : phpCollab: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200812-20 phpCollab: Multiple vulnerabilities Multiple vulnerabilities have been found in phpCollab: rgod reported that data sent to general/sendpassword.php via the loginForm parameter is not properly sanitized before being used ...

phpCollab: Multiple vulnerabilities

Background phpCollab is a web-enabled groupware and project management software written in PHP. It uses SQL-based database backends. Description Multiple vulnerabilities have been found in phpCollab: rgod reported that data sent to general/sendpassword.php via the loginForm parameter is not...

Remote file inclusion

PHP remote file inclusion vulnerability in lib/jpgraph/jpgrapherrhandler.inc.php in Sandbox 1.4.1 might allow remote attackers to execute arbitrary PHP code via unspecified vectors. NOTE: the issue, if any, may be located in Aditus JpGraph rather than Sandbox. If so, then this should not be treat...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in lcxBBportal 0.1 Alpha 2 allow remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter to 1 portal/includes/portalblock.php and 2 includes/acp/acplcxbbportal.php...

phpMyAdmin 3.1.0 - Cross-Site Request Forgery / SQL Injection

Written by Michael Brooks Special Thanks to str0ke and rGod Intro: phpMyAdmin is by far the most popular PHP project. Between phpmyadmin and the xampp project there are more than 34+ million downloads from sourceforge.net . This exploit was released along side XSRF attacks against XAMPP and Simpl...