82 matches found
Relay Ajax Directory Manager relayb01-071706 / 1.5.1 / 1.5.3 - Unauthenticated Arbitrary File Upload
Exploit for php platform in category web applications Unauthenticated File Upload in Relay Ajax Directory Manager may Lead to Remote Command Execution A vulnerability within the Relay Ajax Directory Manager web application allows unauthenticated attackers to upload arbitrary files to the web serv...
ATutor 1.x forum.inc.php Arbitrary Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks. ATutor 1.5.1-pl1 and pri...
Ultimate PHP Board 1.9 admin_iplog.PHP Arbitrary PHP Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7678/info A vulnerability has been reported in Ultimate PHP Board. The problem is said to occur due to insufficient sanitization of user-supplied input before including log data into a PHP file. As a result, it may be...
SMBlog 1.2 Arbitrary PHP Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitra...
PHPForum 2.0 RC1 Mainfile.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8158/info phpForum is prone to a vulnerability that may permit remote attackers to include and execute malicious PHP scripts. This could be exploited to execute malicious PHP commands in the context of the web server...
SPIP 1.8.2 Spip_RSS.PHP Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16556/info SPIP is prone to a remote command-execution vulnerability. This is due to a lack of proper sanitization of user-supplied input. An attacker can exploit this issue to execute arbitrary remote PHP commands on an...
ATutor 1.x print.php section Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/15221/info ATutor is prone to multiple vulnerabilities. These issues can allow remote attackers to execute arbitrary PHP commands and carry out local file include and cross-site scripting attacks. ATutor 1.5.1-pl1 and pri...
Xonic.ru News 1.0 script.php Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7365/info A vulnerability has been reported for Xonic.ru News. The problem occurs due to insufficient sanitization of user-supplied data to the 'script.php' file. As a result, it may be possible for an attacker to pass...
SimpleBBS 1.0.6/1.0.7/1.1 - Remote Arbitrary Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17501/info SimpleBBS is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to...
TikiWiki <= 1.9.8 tiki-graph_formula.php Command Execution Exploit
No description provided by source. !/usr/bin/perl TikiWiki = 1.9.8 Remote Command Execution Exploit Description ----------- TikiWiki contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to 'tiki-graphformula.php' script not properly sanitizing user inpu...
Reallyeasycart 2.8.x Remote Code Execute Vulnerability
reallyeasycart suffers from a RCE bug that will allow you to execute php commands. This is private exploit. You can buy it at https://0day.today...
AWStats Totals < 1.15 'sort' Parameter RCE Vulnerabilities - Active Check
AWStats Totals is prone to remote command execution RCE vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Discuz! 7.1 & 7.2 remote code execution vulnerability-vulnerability warning-the black bar safety net
First of all the way, vulnerability is t00ls heart of the Swarm spread out, xhming go read, and then I later read, the read-out of all code execution, 1 On 5 The Night of 1 1 o'clock, in the core group of hackers, xhming gave a poc, I gave an exp, do find the same problem. Off night 2 points more...
TikiWiki tiki-graph_formula Remote Command Execution
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'TikiWiki...
Firepack (admin/ref.php) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Firepack - Remote Command\Code Execution Exploit Firepack is a web atting toolkit often used in 2008, when the most versions of it were published. A short time ago i looked though the sourcecode and noticed that Vulnerability which can be used if...
Firepack (admin/ref.php) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ====================================================== Firepack admin/ref.php Remote Code Execution Exploit ====================================================== !/usr/bin/perl Firepack - Remote Command\Code Execution Exploit Firepack is ...
Firepack - '/admin/ref.php' Remote Code Execution
!/usr/bin/perl Firepack - Remote Command\Code Execution Exploit Firepack is a web atting toolkit often used in 2008, when the most versions of it were published. A short time ago i looked though the sourcecode and noticed that Vulnerability which can be used if the admin doesn't use a .htaccess...
FreeBSD : mantis -- multiple vulnerabilities (29255141-c3df-11dd-a721-0030843d3802)
Secunia reports : Some vulnerabilities have been reported in Mantis, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks. Input passed to the 'filtertarget' parameter in returndynamicfilters.p...
GLSA-200812-07 : Mantis: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200812-07 Mantis: Multiple vulnerabilities Multiple issues have been reported in Mantis: EgiX reported that manageprojpage.php does not correctly sanitize the sort parameter before passing it to createfunction in core/utilityapi.p...
Mantis: Multiple vulnerabilities
Background Mantis is a PHP/MySQL/Web based bugtracking system. Description Multiple issues have been reported in Mantis: EgiX reported that manageprojpage.php does not correctly sanitize the sort parameter before passing it to createfunction in core/utilityapi.php CVE-2008-4687. Privileges of...