Limbo CMS 1.0.4.2 - itemID Remote Code Execution (Metasploit)

Limbo CMS 1.0.4.2 - itemID Remote Code Execution Metasploit Title: Limbo CMS version 1.x suffers from a remote code execution vulnerability. Name: limbocms1x.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This ...

CVE-2006-1022

PHP remote file include vulnerability in solmenu.php in PeHePe Uyelik Sistemi aka PeHePe MemberShip Management System 3 allows remote attackers to include and execute arbitrary PHP code via a URL in the uyeklasor parameter, along with a misafir parameter that is set to UYESEVIYE...

Limbo CMS 1.0.4.2 - 'itemID' Remote Code Execution (Metasploit)

Title: Limbo CMS version 1.x suffers from a remote code execution vulnerability. Name: limbocms1x.pm License: Artistic/BSD/GPL Info: Trying to get the command execution exploits out of the way on milw0rm.com. M's are always good. - This is an exploit module for the Metasploit Framework, please se...

EV0084.txt

New eVuln Advisory: Skate Board Multimple Vulnerabilities http://evuln.com/vulns/84/summary.html --------------------Summary---------------- eVuln ID: EV0084 CVE: CVE-2006-0809 CVE-2006-0810 CVE-2006-0811 Software: Skate Board Sowtware's Web Site: http://bb.jiraiya.se/main.php?content=start...

4Images <= 1.7.1 index.php template Parameter Traversal Local File Inclusion

4Images is installed on the remote system. It is an image gallery management system. The installed application does not validate user-input passed in the 'template' variable of the 'index.php' file. This allows an attacker to execute directory traversal attacks and display the content of sensitiv...

PHORUM 3.x/5.x - &#039;Common.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/16977/info The PHORUM application is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containin...

PHP-Stats &lt;= 0.1.9.1 remote commands execution

------------- PHP-Stats = 0.1.9.1 remote commands execution ------------------- software: site: http://www.phpstats.net/ description: Open source statistical package for PHP enabled web sites -------------------------------------------------------------------------------- i vulnerable code in...

[eVuln] Skate Board Multimple Vulnerabilities

New eVuln Advisory: Skate Board Multimple Vulnerabilities http://evuln.com/vulns/84/summary.html --------------------Summary---------------- eVuln ID: EV0084 CVE: CVE-2006-0809 CVE-2006-0810 CVE-2006-0811 Software: Skate Board Sowtware's Web Site: http://bb.jiraiya.se/main.php?content=start...

CVE-2006-0957

Direct static code injection vulnerability in func.inc.php in ZoneO-Soft freeForum before 1.2.1 allows remote attackers to execute arbitrary PHP code via the 1 X-Forwarded-For and 2 Client-Ip HTTP headers, which are stored in Data/flood.db.php...

LogIT 1.31.4 - Remote File Inclusion

LogIT 1.31.4 - Remote File Inclusion source: https://www.securityfocus.com/bid/16932/info LogIT is prone to a remote file-include vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input. Attackers may specify remotely hosted script files to be execut...

LogIT 1.3/1.4 - Remote File Inclusion

source: https://www.securityfocus.com/bid/16932/info LogIT is prone to a remote file-include vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input. Attackers may specify remotely hosted script files to be executed in the context of the webserver...

Code injection

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php...

CVE-2006-0945

PHP remote file include vulnerability in admin/index.php in Archangel Weblog 0.90.02 allows remote authenticated administrators to execute arbitrary PHP code via a URL ending in a NULL %00 in the index parameter...

CVE-2006-0940

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php...

CVE-2006-0940

Multiple direct static code injection vulnerabilities in savesettings.php in ShoutLIVE 1.1.0 allow remote attackers to execute arbitrary PHP code via variables that are written to settings.php...

PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection

PEHEPE Membership Management System 3.0 - Remote PHP Script Code Injection source: https://www.securityfocus.com/bid/16887/info PEHEPE Membership Management System is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to facilitate a compromise of the applicati...

MySQL 5.0.18 - Query Logging Bypass

source: https://www.securityfocus.com/bid/16850/info MySQL is prone to a query-logging-bypass vulnerability. This issue is due to a discrepancy between the handling of NULL bytes in the 'mysqlrealquery' function and in the query-logging functionality. This issue allows attackers to bypass the...

CVE-2006-0887

Eval injection vulnerability in sessions.inc in PHP Base Library PHPLib before 7.4a, when index.php3 from the PHPLib distribution is available on the server, allows remote attackers to execute arbitrary PHP code by including a base64-encoded representation of the code in a cookie. NOTE: this...

CVE-2006-0891

Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow remote attackers to include arbitrary files via .. dot dot sequences and a trailing NULL %00 byte in 1 the SESSION'nocctheme' parameter in a html/footer.php; and 2 the lang and 3 theme parameters and the 4 Accept-Language HTTP...

CVE-2006-0891

CVE-2006-0891 affects NOCC Webmail 1.0. The vulnerability arises from multiple directory traversal flaws that allow remote attackers to include arbitrary files by manipulating dot-dot sequences and a trailing NULL byte in (1) html/footer.php via _SESSION['nocc_theme'], and (2) lang and (3) theme ...