Lucene search
K

2600 matches found

securityvulns
securityvulns
added 2003/01/08 12:0 a.m.30 views

E-theni (PHP)

Informations : °°°°°°°°°°°°°° Version : ? Website : http://www.theni.freesurf.fr Problems : - Include file - phpinfo PHP Code/Location : °°°°°°°°°°°°°°°°°°° /admint/include/afflistelangue.php : ----------------------------------------- require $repinclude."paralangue.php";...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/06 12:0 a.m.25 views

S8Forum 3.0 - Remote Command Execution

source: https://www.securityfocus.com/bid/6547/info S8Forum is prone to a remote command execution vulnerability. When a user registers with the forum, a file is created locally with the specified username. The contents of this file will be the data entered by the user. As a result, a malicious...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/01/03 12:0 a.m.27 views

PEEL (PHP)

Informations : °°°°°°°°°°°°°° Version : 1.0b Website : http://www.mapetite-entreprise.com Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° modeles/haut.php : ----------------------------------------------------------- ? $langfile = $dirroot."/lang/".$SESSION"lang"."/lang.php"; requi...

7.1AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.17 views

CVE-2002-2200

Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variablein 1 entete.php, 2 enteteacceuil.php, 3 index.php, or 4 newtopic.php...

7.5CVSS7AI score0.07125EPSS
Exploits0References3
NVD
NVD
added 2002/12/31 5:0 a.m.14 views

CVE-2002-1991

PHP file inclusion vulnerability in osCommerce 2.1 execute arbitrary commands via the includefile parameter to includeonce.php...

7.5CVSS7.4AI score0.07456EPSS
Exploits1References4
NVD
NVD
added 2002/12/31 5:0 a.m.11 views

CVE-2002-2015

PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter...

7.5CVSS7.3AI score0.09493EPSS
Exploits1References3
exploitpack
exploitpack
added 2002/08/19 12:0 a.m.20 views

Mantis Bug Tracker 0.15.x0.160.17.x - JPGraph Remote File Inclusion Command Execution

Mantis Bug Tracker 0.15.x0.160.17.x - JPGraph Remote File Inclusion Command Execution source: https://www.securityfocus.com/bid/5504/info Mantis depends on include files to provide some functionality, such as dynamic generation of graphs. However, since Mantis does not properly validate the path ...

0.4AI score
Exploits0
Cvelist
Cvelist
added 2002/07/26 4:0 a.m.17 views

CVE-2002-0764

Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to 1 plugin.php, 2 admin.php, or 3 del.php that modifies the PHORUMsettingsdir variable to point to a directory that contains a PHP file with the commands...

7.7AI score0.38301EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2002/06/15 12:0 a.m.29 views

ZeroBoard 4.1 - PHP Include File Arbitrary Command Execution

source: https://www.securityfocus.com/bid/5028/info Zeroboard is a PHP web board package available for the Linux and Unix platforms. Under some circumstances, it may be possible to include arbitrary PHP files. The head.php file does not sufficiently check or sanitize input. When the "allowurlfope...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/03/28 12:0 a.m.33 views

postnuke v 0.7.0.3 remote command execution

post nuke is one of popular content management system written in php . there are bug in file user.php line 107 which user can append $caselist array with their own value. foreach $caselist as $k=$v $ModName = $v'module'; include "$vpath/$k"; $caselist = array;...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2002/03/20 12:0 a.m.44 views

Bypassing safe mode in PHP

It's possible to bypass safe mode limitation by using moveuploadedfile call and MySQL library functions to access files of different users...

3.6AI score
Exploits0References2Affected Software1
Packet Storm
Packet Storm
added 2001/12/26 12:0 a.m.34 views

twlc-adv-plesk211201.txt

twlc security divison 21/12/2001 plesk psa allows reading of .php files Found by: supergate ./twlc Summary: Plesk is a server admnistrator used by LOTS of web hosting companies to make easy the menagement of the server. Its a really cool software!! i work with it. This bug allows you to read the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/08/22 12:0 a.m.45 views

Получение исходного текста CGI в Bad Blue (source code retrieval)

Додбавив 00 к имени файла PHP или CGI можно получить его исходный код...

0.7AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2000/09/12 12:0 a.m.31 views

PHP File Upload Capability Hidden Form Field Modification Arbitrary File Access

A version of PHP that is older than 3.0.17 or 4.0.3 is running on this host. If a PHP service that allows users to upload files and then display their content is running on this host, an attacker may be able to read arbitrary files from the server. %NASLMINLEVEL 70300 C Tenable Network Security,...

5CVSS5.6AI score0.02745EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2000/09/11 12:0 a.m.23 views

SRADV00001.txt

================================================= Secure Reality Pty Ltd. Security Advisory 1 SRADV00001 http://www.securereality.com.au ================================================= Title Arbitrary file disclosure through PHP file upload Released 04/09/2000 We found this particular issue a...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/09/04 12:0 a.m.72 views

(SRADV00001) Arbitrary file disclosure through PHP file upload

================================================= Secure Reality Pty Ltd. Security Advisory 1 SRADV00001 http://www.securereality.com.au ================================================= Title Arbitrary file disclosure through PHP file upload Released 04/09/2000 We found this particular issue a...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2000/08/22 12:0 a.m.43 views

Vuln. in all sites using PHP-Nuke, versions less than 3

Greetings, PHP-Nuke is a Web Portal System, storytelling software also an automated web site to distribute news and articles with users system. Exploit: ------- The problem is when somebody does a http://example.com/admin.php3?admin=whatever, can have full access as an admin, that means posting...

6.8AI score
Exploits0
Vulnrichment
Vulnrichment
added 1976/01/01 12:0 a.m.19 views

CVE-2024-36774

An arbitrary file upload vulnerability in Monstra CMS v3.0.4 allows attackers to execute arbitrary code via uploading a crafted PHP file...

7.3AI score0.00722EPSS
Exploits1References1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.25 views

PHP file inclusion via insert tags

More info at https://contao.org/en/security-advisories/php-file-inclusion-via-insert-tags.html...

7.2CVSS7.2AI score0.01254EPSS
Exploits0Affected Software1
Friends Of PHP
Friends Of PHP
added 1970/01/01 12:0 a.m.44 views

PHP file inclusion via insert tags

More info at https://contao.org/en/security-advisories/php-file-inclusion-via-insert-tags.html...

7.2CVSS7.2AI score0.01254EPSS
Exploits0Affected Software1
Rows per page
Query Builder