Directory traversal

Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot or absolute pathname in the...

CVE-2008-4181

Directory traversal vulnerability in includes/xml.php in the Netenberg Fantastico De Luxe module before 2.10.4 r19 for cPanel, when cPanel PHP Register Globals is enabled, allows remote authenticated users to include and execute arbitrary local files via a .. dot dot or absolute pathname in the...

STWC-Counter <= 3.4.0 (downloadcounter.php) RFI Exploit

No description provided by source. ?php //File Inclusion Exploit for Version STWC-Counter = 3.4.0.0 //Found and Exploit Coded by burncycle - burncycleathotmaildotde //| //Vendor: http://www.stwc-counter.de/ //Dork: www.stwc-counter.de //| //Bug in "downloadcounter.php": //.. //$stwcverzeichniss =...

PHPSysInfo < 2.5 Multiple Script XSS

The remote host is running phpSysInfo, a PHP script that parses the /proc entries on Linux systems and displays them in HTML. The version of phpSysInfo installed on the remote host is affected by multiple cross-site scripting vulnerabilities due to its failure to sanitize user input to the...