
1408 matches found

seebug.org
added 2006/10/25 12:0 a.m., 266 views

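SoftBB Multiple Remote Code Execution and Information Disclosure Vulnerabilities

SoftBB is a web-based forum program. SoftBB v0.1 contains multiple input validation errors, as follows: 1. Input to the groupe parameter in /addmembre.php and the select parameter in /moveto.php is not properly validated before being used in SQL queries, allowing an attacker to perform SQL injection attacks. 2. Input to multiple parameters in admin/saveopt.php is not properly filtered before being stored in a PHP script, allowing an attacker to execute arbitrary PHP code. Successful exploitation may require administrator privileges. 3. Empty or invalid input to the page parameter in index.php is not handled correctly, allowing an attacker to determine the installation path. SoftBB = 0.1...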

7.1 AI score
Exploits: 0
Packet Storm
added 2006/10/18 12:0 a.m., 17 views

PHPht-rfi.txt

BiyoSecurity.Org & SecurityWall.Org Scripts: PHPht Topsites Remote File İnclude Download: http://www.linkini.net/phpscripts/descargas/Top%20Sites%208%20Archivos/PHPht%20Topsites.zip Greetz : Liz0zim , RMx , TRIP , DreamLord Regards : KorsaN Vulnerable file : All Files := vulnerable code :...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2006/10/18 12:0 a.m., 28 views

Cerberus Helpdesk rpc.php Arbitrary Ticket Information Disclosure

The remote host is running Cerberus Helpdesk, a web-based helpdesk suite written in PHP. The installed version of Cerberus Helpdesk on the remote host allows an unauthenticated attacker to retrieve information about ticket requesters through the 'rpc.php' script. ...

5 CVSS, 5.6 AI score, 0.04248 EPSS
Exploits: 0, References: 1
exploitpack
added 2006/10/10 12:0 a.m., 11 views

registroTL - main.php Remote File Inclusion

registroTL - main.php Remote File Inclusion Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For educational purpose...

0.3 AI score
Exploits: 0
0day.today
added 2006/09/28 12:0 a.m., 22 views

KGB 1.87 (Local Inclusion) Remote Code Execution Exploit

Exploit for unknown platform in category web applications. KGB 1.87 Local Inclusion Remote Code Execution Exploit. #!/usr/bin/php -q -d short_open_tag=on <? $devilteam = "...

7.1 AI score
Exploits: 0
Exploit DB
added 2006/09/13 12:0 a.m., 33 views

Newsscript 0.5 - Local/Remote File Inclusion

Product : Newsscript Homepage : http://www.webmaster-journal.com Version : 0.5 Date : 12-09-2006 Vulnerability : Remote & local File Inclusion Risk : High Description : Newsscript is a PHP...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2006/09/12 12:0 a.m., 13 views

RaidenHTTPD SoftParserFileXml Parameter Remote File Inclusion

Binary data 3740.prm...

5.1 CVSS, 7.3 AI score, 0.07824 EPSS
Exploits: 1, References: 1
Tenable Nessus
added 2006/09/08 12:0 a.m., 31 views

PHP-Fusion extract() Global Variable Overwriting

The version of PHP-Fusion on the remote host supports registering variables from user-supplied input in the event that PHP's 'register_globals' setting is disabled, which is the default in current versions of PHP. Unfortunately, the way that this has been implemented in the version on the remote...

2.6 CVSS, 5.6 AI score, 0.006 EPSS
Exploits: 1, References: 4
securityvulns
added 2006/09/07 12:0 a.m., 42 views

SL_Site <= 1.0 [spaw_root] Remote File Include Vulnerability

SL_Site <= 1.0 [spaw_root] Remote File Include Vulnerability. Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes Critical...

1.3 AI score
Exploits: 0
Exploit DB
added 2006/09/04 12:0 a.m., 24 views

pHNews alpha 1 - 'templates_dir' Remote Code Execution

#!/usr/bin/php -q -d short_open_tag=on <? $devilteam = "...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2006/08/31 12:0 a.m., 27 views

Feedsplitter <= 2006-01-21 Multiple Remote Vulnerabilities (XSS, Traversal, Disc)

The remote host is running Feedsplitter, a PHP script for converting RSS / RDF feeds into HTML. The version of Feedsplitter installed on the remote host fails to properly validate the 'format' parameter of the 'feedsplitter.php' script before using it to parse an arbitrary XML file. An...

7.5 CVSS, 6.3 AI score, 0.01402 EPSS
Exploits: 0, References: 5
Exploit DB
added 2006/08/27 12:0 a.m., 36 views

iziContents RC6 - Remote Code Execution

#!/usr/bin/php -q -d short_open_tag=on include/rssfunctions.php line 32-40: .... $GLOBALS["rootdp"] = './'; require_once $GLOBALS["rootdp"]."include/config.php"; require_once $GLOBALS["rootdp"]."include/db.php"; require_once $GLOBALS["rootdp"]."include/session.php"; include_once...

7.4 AI score
Exploits: 0
myhack58
added 2006/07/29 12:0 a.m., 11 views

Serv-U: a new trick for getting the administrator password - vulnerability warning - the black bar safety net

Sometimes, after getting a WebShell, we are very pleased to use the Serv-U local privilege escalation vulnerability to take complete control of the compromised host, but it always goes wrong. The command we enter in the WebShell generally looks like this: D:\WEB\su.exe “net user 1 1 /add” In many cases it can not be...

0.1 AI score
Exploits: 0
Packet Storm
added 2006/07/28 12:0 a.m., 20 views

etomiteCMS-061.txt

#!/usr/bin/php -q -d short_open_tag=on 126 $result.=" ."; else $result.=" ".$string[$i]; if (strlen(dechex(ord($string[$i])))==2) $exa.=" ".dechex(ord($string[$i])); else $exa.=" 0".dechex(ord($string[$i])); $cont++;if ($cont==15) $con...

7.4 AI score
Exploits: 0
securityvulns
added 2006/07/24 12:0 a.m., 37 views

Advisory: Remote command execution in planetGallery

Advisory: Remote command execution in planetGallery An admin of planetGallery is allowed to create new galleries and upload images. Because of a vulnerable regular expression, he may also upload PHP scripts and thereby execute arbitrary commands with the privileges of PHP. Details ======= Product...

5.1 CVSS, 7.3 AI score, 0.00746 EPSS
Exploits: 1
0day.today
added 2006/07/01 12:0 a.m., 1480 views

deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications. deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit. <? error_reporting(E_ERROR); function exploitini...

7.1 AI score
Exploits: 0
exploitpack
added 2006/06/20 12:0 a.m., 7 views

BandSite CMS 1.1.1 - ROOT_PATH Remote File Inclusion

BandSite CMS 1.1.1 - ROOT_PATH Remote File Inclusion. Grayscale BandSite CMS =rootpath Remote File Include Vulnerabilities. Discovered By Kw3RLn...

7.5 AI score
Exploits: 0
securityvulns
added 2006/06/17 12:0 a.m., 35 views

Zeroboard File Upload & extension bypass Vulnerability

Zeroboard File Upload & extension bypass Vulnerability Author : Choi Min-sung mins at wins21.com Product : Zeroboard http://www.nzeo.com Vendor-Patches : Unpatched Impact : remote code execution Summary ======= Basically, the PHP, HTML, and CGI files are prohibited to upload in Zeroboard. But...

Exploits: 0
Packet Storm
added 2006/06/15 12:0 a.m., 37 views

Flog.txt

SaVSaK.CoM | SpC-x - The-BeKiR | Flog 1.1.2 Version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : Flog Credits : SpC-x Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke Code : Vulnerable : http://www.victim.com/Flog/config.php?FLogdirinclude=Command-Sh...

7.4 AI score
Exploits: 0
UbuntuCve
added 2006/06/05 5:2 p.m., 20 views

CVE-2006-2825

cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main serve...

5.1 CVSS, 5.9 AI score, 0.00465 EPSS
Exploits: 1, References: 1