Lucene search

1414 matches found

Tenable Nessus
added 2004/12/06 12:0 a.m., 19 views

PAFileDB Multiple Script Error Message Path Disclosure

There is a flaw in the remote version of paFileDB that may let an attacker obtain the physical path of the remote installation by sending a malformed request to one of the scripts 'admins.php', 'category.php', or 'team.php'. This information may help an attacker make more focused attacks against...

5.4 AI score
Exploits: 0, References: 1

Tenable Nessus
added 2004/11/22 12:0 a.m., 18 views

Aztek Forum Multiple Script XSS

The remote host is using Aztek Forum, a web forum written in PHP. A vulnerability exists in the remote version of this software, specifically in the script 'forum2.php', that may allow an attacker to set up a cross-site scripting attack using the remote host...

4.3 CVSS, 5 AI score, 0.01774 EPSS
Exploits: 1, References: 1

seebug.org
added 2004/11/21 12:0 a.m., 23 views

GFHost PHP GMail Remote Command Execution Exploit

No description provided by source. GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 =...

7.1 AI score
Exploits: 0

Exploit DB
added 2004/11/17 12:0 a.m., 32 views

phpBB 2.0.x - 'admin_cash.php' PHP Remote File Inclusion

source: https://www.securityfocus.com/bid/11701/info A vulnerability is reported to exist in the phpBB CashMod module that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. Remote attackers could potentially exploit this issue vi...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/10/28 12:0 a.m., 42 views

PHP 4.x/5 - cURL 'open_basedir' Restriction Bypass

source: https://www.securityfocus.com/bid/11557/info It is reported that cURL allows malicious users to bypass 'open_basedir' restrictions in PHP scripts. This issue is due to a failure of the cURL module to properly enforce PHP's 'open_basedir' restriction. Users with the ability to create or modif...

7.4 AI score
Exploits: 0

Tenable Nessus
added 2004/10/25 12:0 a.m., 26 views

UBB.threads dosearch.php SQL injection

There is a SQL injection issue in the remote version of UBB.threads that may allow an attacker to execute arbitrary SQL statements on the remote host and potentially overwrite arbitrary files there by sending a malformed value to the 'Name' argument of the file 'dosearch.php'...

7.5 CVSS, 6.2 AI score, 0.02391 EPSS
Exploits: 1, References: 2

Gentoo Linux
added 2004/09/02 12:0 a.m., 21 views

Gallery: Arbitrary command execution

Background Gallery is a PHP script for maintaining online photo albums. Description The upload handling code in Gallery places uploaded files in a temporary directory. After 30 seconds, these files are deleted if they are not valid images. However, since the file exists for 30 seconds, a carefull...

7.5 CVSS, 6.8 AI score, 0.05233 EPSS
Exploits: 1

securityvulns
added 2004/08/25 12:0 a.m., 39 views

Bugs fixed in Version 1.4.3

B. Unspecified File Download Vulnerability B1. An error in the MyDMS software allows registered users, and only registered users, to download any file, such as /etc/passwd, by inserting in a parameter a text such as...

0.2 AI score
Exploits: 0

Tenable Nessus
added 2004/08/25 12:0 a.m., 445 views

Plesk Reloaded login_up.php3 login_name Parameter XSS

The remote host is running Plesk Reloaded from SWsoft, a web-based system administration tool. The remote version of this software is vulnerable to a cross-site scripting attack because of its failure to sanitize user input to the 'login_name' parameter of the 'login_up.php3' script. This issue can...

4.3 CVSS, 5.7 AI score, 0.01926 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2004/08/09 12:0 a.m., 130 views

BasiliX login.php3 username Variable Arbitrary Command Execution

The remote host appears to be running a version of BasiliX between 1.0.2beta or 1.0.3beta. In such versions, the script 'login.php3' fails to sanitize user input, which enables a remote attacker to pass in a specially crafted value for the parameter 'username' with arbitrary commands to be execut...

5.6 AI score
Exploits: 0, References: 1

Packet Storm
added 2004/08/05 12:0 a.m., 20 views

wpquiz.txt

Ok so here is what I found Authors website wireplastik.com currently down php script I found exploit in wpquiz version 2.60b8 also tested on 2.60b 1-7 Exploit: by default wpquiz comes with a folder called extras. This folder is not password protected nor does it require any sort of authentication...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/07/12 12:0 a.m., 90 views

phpBB 2.0.x - 'viewtopic.php' PHP Script Injection

source: https://www.securityfocus.com/bid/10701/info The 'viewtopic.php' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to construct dynamically generated web pages. Exploiting...

7.4 AI score
Exploits: 0

Exploit DB
added 2004/07/07 12:0 a.m., 27 views

YaPiG 0.92 - Remote Server-Side Script Execution

source: https://www.securityfocus.com/bid/10891/info A vulnerability is reported to exist in YaPiG that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack of sanitization of user-supplied data. It is reported that an attacker may be ab...

7.4 AI score
Exploits: 0

Packet Storm
added 2004/07/01 12:0 a.m., 42 views

centreVuln.txt

Summary: www.miller-group.net The Miller Group, Inc. announces the release of Centre, a free student information system for public and non-public schools. Centre is a web-based, open source, student management product with features that include scheduling, grade book, attendance, eligibility,...

7.4 AI score
Exploits: 0

securityvulns
added 2004/06/26 12:0 a.m., 39 views

artmedic_links5 PHP Script (include path) vuln

There's a possibility of looking at files with apache privileges using artmediclinks5 php script. http://www.artmedic-phpscripts.de/artmediclinks.php. Vulnerability include path is in index.php, standard use: hostname/artmediclinks5/index.php?id=file or index.php?id=url I noticed there's a lot of...

0.6 AI score
Exploits: 0

OSV
added 2004/06/07 12:0 a.m., 25 views

DSA-516 postgresql - buffer overflow

Bulletin has no description...

5 CVSS, 6.4 AI score, 0.02674 EPSS
Exploits: 0

Tenable Nessus
added 2004/03/14 12:0 a.m., 14 views

Invision Power Board index.php pop Parameter XSS

There is a bug in the version of Invision Power Board on the remote host that makes it vulnerable to cross-site scripting attacks. An attacker may exploit this issue to steal the credentials of legitimate users of this site...

4.3 CVSS, 5 AI score, 0.00952 EPSS
Exploits: 1, References: 2

Packet Storm
added 2004/02/03 12:0 a.m., 22 views

phpMyAdmin255pl1.txt

Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior. Summary: phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. There is a vulnerability in the current stable version of phpMyAdmin...

7.4 AI score
Exploits: 0

exploitpack
added 2004/01/30 12:0 a.m., 13 views

Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion

source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external...

0.6 AI score
Exploits: 0

Exploit DB
added 2004/01/30 12:0 a.m., 80 views

Laurent Adda Les Commentaires 2.0 - PHP Script 'derniers_commentaires.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system. All...

7 AI score
Exploits: 0