42 matches found
EUVD-2008-6455
Malware in sbrugna...
EUVD-2005-4794
Malware in sbrugna...
EUVD-2008-2670
Malware in sbrugna...
EUVD-2005-4792
Malware in sbrugna...
EUVD-2008-6458
Malware in sbrugna...
EUVD-2007-5669
Malware in sbrugna...
SUSE CVE-2019-11036
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. This may lead to information disclosure or crash...
Microweber 1.2.11 - Remote Code Execution (Authenticated) Vulnerability
Exploit Title: Microweber 1.2.11 - Remote Code Execution RCE Authenticated Google Dork: NA Exploit Author: Chetanya Sharma @AggressiveUser Vendor Homepage: https://microweber.org/ Software Link: https://github.com/microweber/microweber Version: 1.2.11 Tested on: KALI OS CVE : CVE-2022-0557...
Design/Logic Flaw
PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar...
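PHPYun talent system: getting a shell step by step from minor vulnerabilities (admin backend)
Brief description: PHPYun talent system, getting a shell step by step from minor vulnerabilities. This involves a quirk of how PHP interacts with MySQL (which also counts as a vulnerability), problems with phpyun's own image validation mechanism, and so on. The steps were fairly arduous. I originally wanted to do a CSRF here, but after searching for a long time I could not find one; instead I found a whole pile of XSS. I won't use the XSS here; see the analysis. Detailed description: First, let's do a small test: for MySQL storage, site builders set a length for every field, and when the data we insert exceeds that length, MySQL does not raise an error but silently truncates the value on storage, which leaves a hidden danger for those of us who write programs. Exploitation scenario analysis...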
PHP Image 1.2 - Multiple Remote File Inclusion Vulnerabilities
No description provided by source. PHP Image v1.2 Multiple Remote File Inclusion Download: http://www.phpimage.co.uk/phpimagev12.zip Bug found by Civi Vuln code in xargcorner.php, xargcornerbottom.php, xargcornertop.php: td style=background-image: urlimages/cortopfill.jpg;?php include$xarg; ?/td...
ArrowChat 1.5.61 RFI Vulnerability
RFI Vulnerability in ArrowChat 1.5.61 // RFI Vulnerability in ArrowChat 1.6.1 // RFI PHP Image coded by Euforia33, 21/02/2013. // Known vulnerable versions 1.6.1 and below In addition to the XSS and LFI vulnerabilities in ArrowChat 1.5.61 as pointed out by Kallimero...
CF Image Hosting Script 1.3.82 File Disclosure
Exploit for php platform in category web applications !/usr/bin/perl CF Image Hosting Script 1.3.82 File Disclosure Exploit Bugfounder and Exploitcoder: bd0rk Contact: www.sohcrew.school-of-hack.net eMail: bd0rkathackermail.com Affected-Software: CF Image Hosting Script 1.3.82 Vendor:...
HTB22962: Multiple XSS in YaPiG
Vulnerability ID: HTB22962 Reference: http://www.htbridge.ch/advisory/multiplexssinyapig.html Product: YaPiG (Yet Another PHP Image Gallery) Vendor: http://yapig.sourceforge.net/ Vulnerable Version: 0.95 Vendor Notification: 19 April 2011 Vulnerability Type: XSS Cross...
CVE-2009-3284
CVE-2009-3284 is a directory traversal vulnerability affecting multiple phpspot products: PHP BBS, PHP Image Capture BBS, PHP & CSS BBS, PHP BBS CE, PHP_RSS_Builder, and webshot. A remote attacker could read server files via unspecified vectors and cause potential data disclosure. Public referenc...
CVE-2008-6488
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery 1.0 allows remote attackers to execute arbitrary SQL commands via the Admin field in a login action...
CVE-2008-6485
SQL injection vulnerability in index.php in SoftComplex PHP Image Gallery allows remote attackers to execute arbitrary SQL commands via the ctg parameter...
CVE-2008-6488
CVE-2008-6488 describes an SQL injection in the login action of the web application SoftComplex PHP Image Gallery 1.0. The vulnerability exists in the login functionality, where the Admin field can be exploited to execute arbitrary SQL commands remotely. According to the NVD entry, the vulnerabi...
CVE-2008-6485
CVE-2008-6485: The connected documents confirm a SQL injection in SoftComplex PHP Image Gallery, specifically in index.php via the ctg parameter. The root cause is unsafe SQL construction in the application, enabling remote attackers to execute arbitrary SQL commands with the potential for parti...