Speedwiki 2.0 Arbitrary File Upload Vulnerability

product :Speedwiki 2.0 vendor site: http://speedywiki.sourceforge.net/ risk:critical a user logged in , can upload a PHP script on the server , by the upload script , there's actually no upload filter on this cms path : /speedywiki/index.php?upload=1 xss get :...

iPrimal Forums - '/admin/index.php' Remote File Inclusion

iPrimal Forums Remote File Inclusion Download:http://ipigroup.org/downloads/forums.zip Found by Bl0od3r Vulnerable Code: line 126-129 ..... if$GET'p' == '' echo 'Please select an item from the menu above.'; else include$GET'p'.'.php'; ..... Affected File: /admin/index.php = Vulnerability:...

Free Image Hosting <= 1.0 (forgot_pass.php) File Include Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' | \\ | \\ | \ . . |\ \ \ /\ \ / /| || | | | | \ | \ Y / | || | | \ | \ \ / | || | |/ // / / ||| \ | / / \ / \ |\ /\ / / \ / \ | | | | / /\ \ / \ / \ | | | | / | / Y \ || / /| /| /...

Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================= Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability ================================================================= !/usr/bin/php ?php / Coppermine Photo...

N/X WCMS <= 4.1 (nxheader.inc.php) Remote File Include Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' | \\ | \\ | \ . . |\ \ \ /\ \ / /| || | | | | \ | \ Y / | || | | \ | \ \ / | || | |/ // / / ||| \ | / / \ / \ |\ /\ / / \ / \ | | | | / /\ \ / \ / \ | | | | / | / Y \ || / /| /| /...

Coppermine Photo Gallery 1.4.9 - SQL Injection

!/usr/bin/php ?php / Coppermine Photo Gallery 1.4.9 Remote SQL Injection Vulnerability Note: Requires a valid user account. Usage: php script.php host path table prefix user id username password Usage Example: php script.php domain.com /coppermine/ cpg149 1 john secret Googledork" "Powered by...

SoftBB多个远程代码执行及信息泄露漏洞

SoftBB是一款基于WEB的论坛程序。 SoftBB v0.1中存在多个输入验证错误，如下： 1 在SQL查询时没有正确的验证对/addmembre.php文件中groupe参数及/moveto.php文件中select参数的输入，允许攻击者执行SQL注入攻击。 2 在PHP脚本中存储之前没有正确过滤对admin/saveopt.php中多个参数的输入，允许攻击者执行任意PHP代码。成功攻击可能要求管理员权限。 3 对index.php中page参数的输入没有正确的处理空的或无效的参数，允许攻击者判断安装路径。 SoftBB = 0.1...

PHPht-rfi.txt

BiyoSecurity.Org & SecurityWall.Org Scripts: PHPht Topsites Remote File İnclude Download: http://www.linkini.net/phpscripts/descargas/Top%20Sites%208%20Archivos/PHPht%20Topsites.zip Greetz : Liz0zim , RMx , TRIP , DreamLord Regards : KorsaN Vulnerable file : All Files := vulnerable code :...

Cerberus Helpdesk rpc.php Arbitrary Ticket Information Disclosure

The remote host is running Cerberus Helpdesk, a web-based helpdesk suite written in PHP. The installed version of Cerberus Helpdesk on the remote host allows an unauthenticated attacker to retrieve information about ticket requesters through the 'rpc.php' script. %NASLMINLEVEL 70300 C Tenable...

registroTL - main.php Remote File Inclusion

registroTL - main.php Remote File Inclusion Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For educational purpose...

KGB 1.87 (Local Inclusion) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ======================================================== KGB 1.87 Local Inclusion Remote Code Execution Exploit ======================================================== !/usr/bin/php -q -d shortopentag=on ? $devilteam = " :::::::::...

Newsscript 0.5 - Local/Remote File Inclusion

Product : Newsscript Homepage : http://www.webmaster-journal.com Version : 0.5 Date : 12-09-2006 Vulnerability : Remote & local File Inclusion Risk : High --------------------------------------------------------------------------------------------------------- Description : Newsscript is a PHP...

RaidenHTTPD SoftParserFileXml Parameter Remote File Inclusion

Binary data 3740.prm...

PHP-Fusion extract() Global Variable Overwriting

The version of PHP-Fusion on the remote host supports registering variables from user-supplied input in the event that PHP's 'registerglobals' setting is disabled, which is the default in current versions of PHP. Unfortunately, the way that this has been implemented in the version on the remote...

SL_Site <= 1.0 [spaw_root] Remote File Include Vulnerability

--------------------------------------------------------------------------- SLSite = 1.0 spawroot Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes Critical...

pHNews alpha 1 - 'templates_dir' Remote Code Execution

!/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:...

Feedsplitter <= 2006-01-21 Multiple Remote Vulnerabilities (XSS, Traversal, Disc)

The remote host is running Feedsplitter, a PHP script for converting RSS / RDF feeds into HTML. The version of Feedsplitter installed on the remote host fails to properly validate the 'format' parameter of the 'feedsplitter.php' script before using it to parse an arbitrary XML file. An...

iziContents RC6 - Remote Code Execution

!/usr/bin/php -q -d shortopentag=on include/rssfunctions.php line 32-40: .... $GLOBALS"rootdp" = './'; requireonce $GLOBALS"rootdp"."include/config.php"; requireonce $GLOBALS"rootdp"."include/db.php"; requireonce $GLOBALS"rootdp"."include/session.php"; includeonce...

Serv-U get the administrator password new trick-vulnerability warning-the black bar safety net

Sometimes we get the WebShell is very pleased with the Serv-U local privilege escalation vulnerability to achieve complete control of broiler purposes, but will always go wrong. We at WebShell input of a command is generally like this: D:\WEB\su.exe “net user 1 1 /add” Many cases can not be...

etomiteCMS-061.txt

!/usr/bin/php -q -d shortopentag=on 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15 $con...