VHD Web Pack 2.0 (index.php page) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ==================================================================== VHD Web Pack 2.0 index.php page Local File Inclusion Vulnerability ==================================================================== Digital Security Research Group...

Design/Logic Flaw

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...

CVE-2008-0503

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...

CVE-2008-0503

CVE-2008-0503 affects Netwerk Smart Publisher 1.0.1. An eval() failure in admin/op/disp.php allows remote attackers to execute arbitrary PHP code via the filedata parameter, enabling unauthenticated, network-vector exploitation. CVSS 2.0 base score 6.8 ("NETWORK" attack vector, "MEDIUM" complexit...

SQLiteManager confirm.php spaw_root Parameter Remote File Inclusion

The remote host is running SQLiteManager, a web-based application for managing SQLite databases. The version of SQLiteManager installed on the remote host fails to sanitize user-supplied input to the 'spawroot' parameter of the 'spaw/dialogs/confirm.php' script before using it to include PHP code...

Code injection

stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.php, and execute online.db.txt via a certain request to index.php...

CVE-2008-0390

stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.php, and execute online.db.txt via a certain request to index.php...

Small Axe Weblog 0.3.1 - 'ffile' Remote File Inclusion

source: https://www.securityfocus.com/bid/27383/info Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in t...

Small Axe Weblog 0.3.1 - ffile Remote File Inclusion

Small Axe Weblog 0.3.1 - ffile Remote File Inclusion source: https://www.securityfocus.com/bid/27383/info Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote...

Debian: Security Advisory (DSA-764-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-842-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-1096-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-840-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MyBB < 1.2.11 forumdisplay.php sortby Parameter Command Execution

Binary data 4346.prm...

MyBB forumdisplay.php 'sortby' Parameter Arbitrary PHP Code Execution

The version of MyBB installed on the remote host is affected by an arbitrary PHP code execution vulnerability due to improper sanitization of user-supplied input to the 'sortby' parameter of the forumdisplay.php script before using it in an eval statement to evaluate PHP code. A remote,...

Remote file inclusion

PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 index.php and 2 checkout.php...

CVE-2008-0287

PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 index.php and 2 checkout.php...

CVE-2008-0287

PHP remote file inclusion vulnerability in VisionBurst vcart 3.3.2 allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter to 1 index.php and 2 checkout.php...

Members Area System 1.7 - view_func.php Remote File Inclusion

Members Area System 1.7 - viewfunc.php Remote File Inclusion source: https://www.securityfocus.com/bid/27244/info Members Area System is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitra...

Members Area System 1.7 - &#039;view_func.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/27244/info Members Area System is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it i...