Advisory: Remote command execution in planetGallery
Advisory: Remote command execution in planetGallery An admin of planetGallery is allowed to create new galleries and upload images. Because of a vulnerable regular expression, he may also upload PHP scripts and thereby execute arbitrary commands with the privileges of PHP. Details ======= Product...
deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit
Exploit for unknown platform in category web applications ================================================================== deV!Lz Clanportal [DZCP] <= 1.34 (id) Remote SQL Injection Exploit ================================================================== <? error_reporting(E_ERROR); function exploitini...
BandSite CMS 1.1.1 - ROOT_PATH Remote File Inclusion
BandSite CMS 1.1.1 - ROOT_PATH Remote File Inclusion --------------------------------------------------------------------------- Grayscale BandSite CMS <= 1.1.1 (ROOT_PATH) Remote File Include Vulnerabilities --------------------------------------------------------------------------- Discovered By Kw3RLn...
Zeroboard File Upload & extension bypass Vulnerability
Zeroboard File Upload & extension bypass Vulnerability Author : Choi Min-sung mins at wins21.com Product : Zeroboard http://www.nzeo.com Vendor-Patches : Unpatched Impact : remote code execution Summary ======= Basically, the PHP, HTML, and CGI files are prohibited to upload in Zeroboard. But...
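The planetGallery and Zeroboard entries above describe the same failure mode: an upload filter that enumerates forbidden extensions (a denylist, often a regular expression anchored on the last extension) rather than the few extensions the application needs. The PHP below is an added illustration written for this page; it is not code from either product or advisory. The two regexes are representative of the pattern, not the ones those products used, and the file names are constructed.

```php
<?php
// Added example for this page, not planetGallery or Zeroboard code.
// A denylist regex of the kind the advisories describe, beside an allowlist.

// Weak: blocks only names whose LAST extension is php/html/cgi.
function upload_allowed_denylist(string $name): bool
{
    return !preg_match('/\.(php|html|cgi)$/i', $name);
}

// Hardened: one base name, exactly one extension, drawn from a short allowlist.
// \A and \z (not ^ and $) so a trailing newline cannot slip past the check.
function upload_allowed_allowlist(string $name): bool
{
    static $allowed = ['jpg', 'jpeg', 'png', 'gif'];
    if (!preg_match('/\A[A-Za-z0-9_-]{1,64}\.([A-Za-z]{1,4})\z/', $name, $m)) {
        return false; // path separators, NUL bytes, double extensions, digits in the extension
    }
    return in_array(strtolower($m[1]), $allowed, true);
}

// Constructed names. All but 'shell.php' pass the denylist, each for a different reason.
$names = [
    'photo.jpg',        // benign upload
    'shell.php',        // the one case the denylist stops
    'shell.phtml',      // commonly mapped to the PHP handler, absent from the denylist
    'shell.php.jpg',    // Apache mod_mime multi-extension handling can still run it as PHP
    'shell.php3',       // legacy extension still served as PHP on some hosts
    "shell.php\0.jpg",  // NUL byte: old PHP file functions truncate the name at the NUL
];

foreach ($names as $n) {
    printf("%-18s denylist:%-5s allowlist:%s\n",
        addcslashes($n, "\0"),
        upload_allowed_denylist($n) ? 'pass' : 'block',
        upload_allowed_allowlist($n) ? 'pass' : 'block');
}
```

The allowlist check is only half of the fix: the stored file should also be renamed to a server-generated name and written to a directory the web server will not hand to the PHP handler, so that a check bug does not become code execution.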
Flog.txt
SaVSaK.CoM | SpC-x - The-BeKiR | Flog 1.1.2 Version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : Flog Credits : SpC-x Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke Code : Vulnerable : http://www.victim.com/Flog/config.php?FLog_dir_include=Command-Sh...
CVE-2006-2825
cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main serve...
Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ============================================================== Claroline <= 1.7.6 (includePath) Remote Code Execution Exploit ============================================================== #!/usr/bin/php -q -d short_open_tag=on <? echo "Claroline...
Claroline 1.7.6 - includePath Remote Code Execution
Claroline 1.7.6 - includePath Remote Code Execution #!/usr/bin/php -q -d short_open_tag=on <? echo "Claroline <= 1.7.6 \"includePath\" remote cmmnds xctn\r\n"; echo "by rgod [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; echo "dork: \"Powered by Claroline\" -demo\r\n\r\n";...
e107 email.php Arbitrary Mail Relay
The version of e107 installed on the remote host contains a script, 'email.php' that allows an unauthenticated user to send email messages to arbitrary users and to control, to a large degree, the content of those messages. This issue can be exploited to send spam or other types of abuse through...
topsitesXSS.txt
Xtremescripts Topsites v1.1 Homepage: http://www.xtremescripts.com/topsites.php Description: Xtreme Topsites is a popular topsite PHP script for websites. Most commonly used across anime websites at the moment. The topsite will count hits/clicks in and hits out and will rank them on total hits so...
Code injection (CVE-2006-2498)
Invision Power Board (IPB) before 2.1.6 allows remote attackers to execute arbitrary PHP script via attack vectors involving (1) the post_icon variable in classes/post/class_post.php and (2) the df value in action_public/moderate.php...
[Full-disclosure] [Info Disclosure] Diesel PHP Job Site Latest Version
Subject: Info Disclosure Diesel PHP Job Site Latest Version Severity: Pretty Bad Title: Diesel PHP Job Site Latest Version Information Disclosure Home Page: http://www.dieselscripts.com/ Product Page: http://www.dieselscripts.com/diesel-job-site.html Date: May 17, 2006 Synopsis: ========= When an...
PHP Script Tools PSY Auction - item.php?id SQL Injection
PHP Script Tools PSY Auction - item.php?id SQL Injection source: https://www.securityfocus.com/bid/17974/info PSY Auction is prone to multiple input-validation vulnerabilities. The issues include HTML-injection and SQL-injection vulnerabilities. These issues are due to a failure in the applicatio...
Coppermine Photo Gallery index.php file Parameter Local File Inclusion
The version of Coppermine Gallery installed on the remote host fails to properly sanitize input to the 'file' parameter of the 'index.php' script before using it in a PHP 'include_once' function. Regardless of PHP's 'register_globals' setting, an unauthenticated attacker may be able to exploit this...
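The Coppermine entry just above, the Claroline includePath exploits, and the BandSite ROOT_PATH and Flog config.php entries are all one pattern: a request parameter reaches include() or include_once() as a path. Whether that yields remote inclusion (allow_url_include, or allow_url_fopen on PHP before 5.2) or local inclusion of any readable file depends only on the server's configuration, not on the application. The PHP below is an added illustration for this page, not code from any of those products; the ./plugins layout, the plugin names and the request key are assumed.

```php
<?php
// Added example for this page, not code from Coppermine, Claroline, BandSite or Flog.
// Assumed layout: includable files live under ./plugins and are selected by a request key.

// Vulnerable shape behind the entries above: the parameter is the path.
// With allow_url_include (allow_url_fopen on old PHP) an http:// value is remote
// file inclusion; without it, ../../../../etc/passwd is still local file inclusion.
function render_vulnerable(string $file): void
{
    include_once $file;
}

// Hardened shape: the parameter is a key, resolved through an explicit map,
// and the resolved path must lie inside the plugin directory.
const PLUGIN_DIR = __DIR__ . '/plugins';
const PLUGIN_MAP = ['gallery' => 'gallery.php', 'search' => 'search.php'];

function resolve_plugin(string $key): ?string
{
    if (!array_key_exists($key, PLUGIN_MAP)) {
        return null;
    }
    $base = realpath(PLUGIN_DIR);
    $path = realpath(PLUGIN_DIR . '/' . PLUGIN_MAP[$key]);
    // realpath() returns false for a missing file and resolves ".." and symlinks;
    // the prefix test rejects a plugin file that is a link pointing outside $base.
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $path;
}

function render_hardened(string $key): void
{
    $path = resolve_plugin($key);
    if ($path === null) {
        http_response_code(400);
        echo "unknown plugin\n";
        return;
    }
    include_once $path;
}

// Constructed probes of the kind the advisories used, run through the hardened resolver.
$probes = ['gallery', '../../../../etc/passwd', 'http://attacker.example/shell.txt', "gallery\0"];
foreach ($probes as $probe) {
    printf("%-36s -> %s\n", addcslashes($probe, "\0"), resolve_plugin($probe) ?? 'rejected');
}
```

To see the first probe resolve, create plugins/gallery.php beside the script; the other three are rejected at the map lookup before any filesystem access. Note that the map makes the path-prefix test a second line of defence rather than the primary one: user input never becomes a path component at all.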
[eVuln] QLnews XSS and PHP Code Insertion Vulnerabilities
New eVuln Advisory: QLnews XSS and PHP Code Insertion Vulnerabilities http://evuln.com/vulns/113/summary.html --------------------Summary---------------- eVuln ID: EV0113 CVE: CVE-2006-1575 CVE-2006-1576 Software: QLnews Software's Web Site: http://www.vscripts.pl/ Versions: 1.2 Critical Level:...
PHP 4.x - 'tempnam() open_basedir' Restriction Bypass
source: https://www.securityfocus.com/bid/17439/info PHP is prone to multiple 'safe_mode' and 'open_basedir' restriction-bypass vulnerabilities. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. These vulnerabilities would be an...
BASE base_maintenance.php Authentication Bypass
The remote host is running BASE, a web-based tool for analyzing alerts from one or more SNORT sensors. The version of BASE installed on the remote host allows a remote attacker to bypass authentication to the 'base_maintenance.php' script and then perform selected maintenance tasks.
Sql injection
SQL injection vulnerability in PHP Script Index allows remote attackers to execute arbitrary SQL commands via the search parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Cross site scripting
Cross-site scripting XSS vulnerability in search.php in PHP Script Index allows remote attackers to inject arbitrary web script or HTML via the search parameter...
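The two PHP Script Index entries above are the usual pair for a search.php: the same search parameter goes unescaped into a SQL string and back into the HTML response. The PHP below is an added illustration for this page, not PHP Script Index's code; the table, the query shape and the payloads are constructed, and it uses an in-memory SQLite database (pdo_sqlite, PHP 7.4 or later) so it runs stand-alone.

```php
<?php
// Added example for this page, not PHP Script Index code. Requires pdo_sqlite and PHP >= 7.4.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE scripts (id INTEGER PRIMARY KEY, name TEXT, secret TEXT)');
$db->exec("INSERT INTO scripts (name, secret) VALUES ('guestbook', 'hidden-a'), ('counter', 'hidden-b')");

// Vulnerable shape: the search term is spliced into the SQL and echoed raw.
function search_vulnerable(PDO $db, string $q): string
{
    $rows = $db->query("SELECT id, name FROM scripts WHERE name LIKE '%$q%'")->fetchAll(PDO::FETCH_ASSOC);
    $out = "<p>Results for: $q</p>";
    foreach ($rows as $r) {
        $out .= "<li>{$r['name']}</li>";
    }
    return $out;
}

// Hardened shape: bind the term (a quote cannot end the literal), escape the LIKE
// wildcards so a bare '%' cannot match every row, and HTML-encode everything on output.
function search_hardened(PDO $db, string $q): string
{
    $stmt = $db->prepare("SELECT id, name FROM scripts WHERE name LIKE :p ESCAPE '\\'");
    $stmt->execute([':p' => '%' . addcslashes($q, '%_\\') . '%']);
    $h = fn(string $s): string => htmlspecialchars($s, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    $out = '<p>Results for: ' . $h($q) . '</p>';
    foreach ($stmt->fetchAll(PDO::FETCH_ASSOC) as $r) {
        $out .= '<li>' . $h($r['name']) . '</li>';
    }
    return $out;
}

// Constructed payloads, one for each of the two entries.
$sqli = "' UNION SELECT id, secret FROM scripts -- ";
$xss  = '<script>alert(document.cookie)</script>';

echo search_vulnerable($db, $sqli), "\n";
echo search_hardened($db, $sqli), "\n";
echo search_vulnerable($db, $xss), "\n";
echo search_hardened($db, $xss), "\n";
```

For the first payload the vulnerable function's UNION returns the secret column under the name heading, while the hardened function finds no rows because the whole payload is matched as a literal pattern. For the second, the vulnerable function reflects the script element as markup and the hardened one as encoded text. Both fixes are independent: binding does nothing for the XSS and encoding does nothing for the injection, which is why the two advisories list them separately.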