MODX CMS < 0.9.2.2 RFI Vulnerability - Active Check

MODX CMS is prone to a remote file inclusion RFI vulnerability. SPDX-FileCopyrightText: 2008 Justin Seitz Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-4704

PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in SezHooTabsAndActions.php in SezHoo 0.1 allows remote attackers to execute arbitrary PHP code via a URL in the IP parameter...

WebSVN <= 2.0 (XSS/FH/CE) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= WebSVN alertdocument.cookie; A url like the one above would display a JavaScript alert window containing the cookie data of any set cookies for the domain. File Ha...

Remote file inclusion

PHP remote file inclusion vulnerability in panel/common/theme/default/headersetup.php in WebBiscuits Software Events Calendar 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the 1 pathdocroot and 2 component parameters...

Code injection

plugins/eventtracer/eventlist.php in PhpWebGallery 1.7.2 and earlier allows remote authenticated administrators to execute arbitrary PHP code via PHP sequences in the sort parameter, which is processed by createfunction...

nukeet-upload.txt

?php / --------------------------------------------------------------- Nuke ET = 3.4 fckeditor Remote Arbitrary File Upload Exploit --------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....: http://www.truzone.org/ This PoC was...

mantis-exec.txt

?php / -------------------------------------------------------------------------------- Mantis Bug Tracker = 1.1.3 manageprojpage.php Remote Code Execution Exploit -------------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom...

Mantis Bug Tracker &lt;= 1.1.3 Remote Code Execution Exploit

No description provided by source. ?php / -------------------------------------------------------------------------------- Mantis Bug Tracker = 1.1.3 manageprojpage.php Remote Code Execution Exploit -------------------------------------------------------------------------------- author...: EgiX...

Mantis Bug Tracker 1.1.3 - Remote Code Execution

Mantis Bug Tracker 1.1.3 - Remote Code Execution ?php / -------------------------------------------------------------------------------- Mantis Bug Tracker = 1.1.3 manageprojpage.php Remote Code Execution Exploit --------------------------------------------------------------------------------...

Mantis Bug Tracker <= 1.1.3 Remote Code Execution Exploit

Exploit for unknown platform in category web applications ========================================================= Mantis Bug Tracker = 1.1.3 Remote Code Execution Exploit ========================================================= ?php /...

CVE-2008-4557

plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 aka Strawberry allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression...

Code injection

plugins/wacko/highlight/html.php in Strawberry in CuteNews.ru 1.1.1 aka Strawberry allows remote attackers to execute arbitrary PHP code via the text parameter, which is inserted into an executable regular expression...

LokiCMS 0.3.4 - writeconfig() Remote Command Execution

LokiCMS 0.3.4 - writeconfig Remote Command Execution Author: GiReX Homepage: http://girex.altervista.org CMS: LokiCMS 0.3.4 URL: http://www.lokicms.com/ Description: LokiCMS is still vulnerable to Remote Command Execution see: http://milw0rm.com/exploits/5408 The exploit changed becouse the vars...

LokiCMS 0.3.4 - &#039;writeconfig()&#039; Remote Command Execution

Author: GiReX Homepage: http://girex.altervista.org CMS: LokiCMS 0.3.4 URL: http://www.lokicms.com/ Description: LokiCMS is still vulnerable to Remote Command Execution see: http://milw0rm.com/exploits/5408 The exploit changed becouse the vars changed but the bugged function is the same:...

CVE-2008-4529

Multiple PHP remote file inclusion vulnerabilities in asiCMS alpha 0.208 allow remote attackers to execute arbitrary PHP code via a URL in the ENVasicmspath parameter to 1 Association.php, 2 BigMath.php, 3 DiffieHellman.php, 4 DumbStore.php, 5 Extension.php, 6 FileStore.php, 7 HMAC.php, 8...

Barcode Generator 2.0 - LSTable.php Remote File Inclusion

Barcode Generator 2.0 - LSTable.php Remote File Inclusion source: https://www.securityfocus.com/bid/31419/info Barcode Generator is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

Barcode Generator 2.0 - &#039;LSTable.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/31419/info Barcode Generator is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in...

PHP 5.2.6 - &#039;create_function()&#039; Code Injection (1)

source: https://www.securityfocus.com/bid/31398/info PHP is prone to a code-injection weakness because it fails to sufficiently sanitize input to 'createfunction'. Note that the anonymous function returned need not be called for the supplied code to be executed. An attacker who can exploit this...

Gentoo Security Advisory GLSA 200503-35 (smarty)

The remote host is missing updates announced in advisory GLSA 200503-35. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...