421 matches found
omegabill 1.0 build 6 - Multiple Vulnerabilities
omegabill 1.0 build 6 - Multiple Vulnerabilities Source: http://packetstormsecurity.org/files/view/98480/OmegaBillv1.0Build6-php.txt ------------------------------------------------------------------------ Software................OmegaBill v1.0 Build 6 Vulnerability...........Arbitrary PHP...
OmegaBill 1.0 Build 6 Arbitrary PHP Execution
------------------------------------------------------------------------ Software................OmegaBill v1.0 Build 6 Vulnerability...........Arbitrary PHP Execution Download................http://sourceforge.net/projects/omegabill/ Release Date............2/11/2011 Tested...
WSO 2.5 (web shell)
Данная утилита предоставляет веб-интерфейс для удаленной работы c операционной системой и ее службами/демонами. Описание возможностей / особенности: Авторизация на cookies Информация о сервере Файловый менеджер Копирование, переименование, перемещение, удаление, чмод, тач, создание файлов и папок...
SA-CONTRIB-2010-058: Chaos tool suite - Multiple vulnerabilities
The Chaos tool suite ctools is primarily a set of APIs and tools to improve the developer experience. This module was found to have multiple vulnerabilities. Cross site scripting XSS The module did not properly sanitize node titles under certain circumstances, resulting in multiple cross-site...
TCPDF library code execution
PHP code execution with tcpdf tag...
Simple Machines Forum XSS / XSRF / PHP Execution
This is the first batch of vulnerabilities found by the SimpleAudit team from elhacker.net http://labs.elhacker.net/simpleaudit Our goal is to evaluate the security of SMF 2.0 before using it on our own server, and we have found several security vulnerabilities. The vulnerabilities that also appl...
WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
No description provided by source. ============================================= - Release date: November 11th, 2009 - Discovered by: Dawid Golunski - Severity: Moderately High ============================================= I. VULNERABILITY ------------------------- WordPress = 2.8.5 Unrestricted...
PT-2009-2014 · Simple Machines · Simple Machines Forum
Name of the Vulnerable Software and Affected Versions: Simple Machines Forum SMF version 1.1.4 Description: The issue allows remote attackers to potentially execute arbitrary PHP code. This is achieved via a URL in the settingsdefault theme dir parameter to "Sources/Subs-Graphics.php" and...
Flatnuke3 Remote Cookie Manipoulation / Privilege Escalation
--------------------------------------------------------------- / | | / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / / | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...
Flatnuke 3 Remote Cookie Manipoulation / Privilege Escalation
No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...
Flatnuke 3 - Remote Cookie Manipulation / Privilege Escalation
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Flatnuke3...
Flatnuke 3 Remote Cookie Manipoulation / Privilege Escalation
Exploit for unknown platform in category web applications ============================================================= Flatnuke 3 Remote Cookie Manipoulation / Privilege Escalation =============================================================...
CVE-2007-4820
Absolute path traversal vulnerability in blanko.preview.php in Sisfo Kampus 2006 allows remote attackers to read arbitrary local files, and possibly execute local PHP scripts, via the nmf parameter...
DEBIAN-CVE-2007-3544
Unrestricted file upload vulnerability in 1 wp-app.php and 2 app.php in WordPress 2.2.1 and WordPress MU 1.2.3 allows remote authenticated users to upload and execute arbitrary PHP code via unspecified vectors, possibly related to the wppostmeta table and the use of custom fields in normal...
CVE-2007-0609
Directory traversal vulnerability in Advanced Guestbook 2.4.2 allows remote attackers to bypass .htaccess settings, and execute arbitrary PHP local files or read arbitrary local templates, via a .. dot dot in a lang cookie, followed by a filename without its .php extension, as demonstrated via a...
ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit
No description provided by source. ?/ File: shoutbox.php Affects: ShoutPro 1.5.2 may affect earlier versions Date: 17th April 2007 Issue Description: =========================================================================== ShoutPro 1.5.2 fails to fully sanitize user input $shout that it writes...
CVE-2006-6338
Unrestricted file upload vulnerability in upload/index.php in deV!Lz Clanportal DZCP before 1.3.6.1 allows remote attackers to upload and execute arbitrary .php files by embedding PHP code in a JPEG or GIF file that is uploaded to inc/images/uploads/userpics/...
CVE-2006-5733
CVE-2006-5733 : A directory traversal/remote local file inclusion flaw in PostNuke ≤0.763 (error.php) allows an attacker to cause arbitrary local file inclusion by placing PHP sequences in the PNSVlang cookie, which gets written into Apache logs and later included by error.php. Affected product/v...
JAFCMS-4.0.txt
Hacker: NanoyMaster /|| \ | || \ / ||\ Exploit: JAF CMS / || |\| || / || \ Version: 4.0 RC1 \ || | \ || |/| || / ||| ||| |||/ vulnerabilities: XSS in shoutbox PHP execution XSS in forum \m/Props\m/ z3r0phr34k SystemMeltdown THK-GEO & THK-h3x All of Exploitarians...
JAF CMS 4.0 RC1 multiple vulnerabilities
Hacker: NanoyMaster /|| | || / || Exploit: JAF CMS / || || || / || Version: 4.0 RC1 || | || |/| || / ||| ||| |||/ vulnerabilities: XSS in shoutbox PHP execution XSS in forum m/Propsm/ z3r0phr34k SystemMeltdown THK-GEO & THK-h3x All of Exploitarians...