1414 matches found
AWCM 2.1 - Local File Inclusion / Auth Bypass Vulnerabilities
No description provided by source. ---------------------------------AWCM v2.1 LFI/Auth Bypass Vulnerabilities--------------------------------------- ---------------------------------------------------------------------------------------------------------------- Script : AWCM version : v2.1...
Flax Article Manager 1.1 - Remote PHP Script Upload Vulnerability
No description provided by source. Flax Article Manager 1.1 Remote File Upload Vulnerability ---------------------------------------------------------- Discovered By: S.W.A.T. [email protected] Home: www.batlagh.com Script Page: http://www.clixint.com/products/articles Dork: Copyright 2006 © Fla...
myphpPageTool 0.4.3 -1 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6744/info myphpPageTool is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in several PHP script files in the /doc/admin folder. Under some circumstance...
iDev Rentals 1.0 - Multiple Vulnerabilities
No description provided by source. Title: ====== iDev Rentals v1.0 - Multiple Web Vulnerabilities Date: ===== 2012-11-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=760 VL-ID: ===== 758 Common Vulnerability Scoring System: ==================================== 3.5...
CF Image Hosting Script 1.3.82 File Disclosure
No description provided by source. !/usr/bin/perl CF Image Hosting Script 1.3.82 File Disclosure Exploit Bugfounder and Exploitcoder: bd0rk Contact: www.sohcrew.school-of-hack.net eMail: bd0rkathackermail.com Affected-Software: CF Image Hosting Script 1.3.82 Vendor: http://www.phpkode.com Downloa...
Pluxml 0.3.1 - Remote Code Execution Exploit
No description provided by source. ?php C:\ sploit.php -url http://victim.com/pluxml0.3.1/ -ip 90.27.10.196 /Waiting for connection on http://90.27.10.196:80/ !Now you have to make the victim to click on the url +Received 395 bytes from 182.26.54.2:2007 +Sending 366 bytes to 182.26.54.2:2007...
gBook 1.4 Administrative Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6033/info A vulnerability has been discovered in gBook v1.4. It has been reported that it is possible for an unauthorized attacker to gain administrative access to gBook by passing a malicious request to a php script...
TorrentFlux 2.3 - admin.php Administrator Account Creation CSRF
No description provided by source. source: http://www.securityfocus.com/bid/28846/info TorrentFlux is prone to a cross-site request-forgery vulnerability and a remote PHP code-execution vulnerability. Exploiting these issues may allow a remote attacker to create administrative accounts in the...
MHP Downloadshop SQL Injection Vulnerability
No description provided by source. ----------------------------Information------------------------------------------------ +Name : MHP Downloadshop = SQL injection Vulnerability Proof of Concept +Autor : Easy Laster +Date : 17.12.2010 +Script : MHP Downloadshop +Demo...
Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6087/info Prometheus is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Prometheus. An attacker may...
EgO 0.7b - (fckeditor) Remote File Upload
No description provided by source. Title: EgO v0.7b fckeditor Remote File Upload Download: http://sourceforge.net/projects/vairux-ego/ AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory:...
Cedric Email Reader 0.2/0.3 Skin Configuration Script Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6818/info It has been reported that Cedric Email Reader is prone to an issue that may allow remote attackers to include malicious files located on remote servers. This issue is present in the 'email.php' script. Under som...
Netref 4.2 Cat_for_gen.PHP Remote PHP Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13275/info A remote PHP script injection vulnerability affects Netref. This issue is due to a failure of the application to sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary PHP script...
cPanel < 11.25 CSRF - Add User php Script
No description provided by source. Exploit Title: cPanel 11.25 CSRF - Add php script Date: 27.05.2011 Author: ninjashell Software Link: http://cpanel.net Version: 11.25 see details below Tested on: Linux CVE : N/A I. Introduction cPanel versions below and excluding 11.25 , are vulnerable to CSRF...
W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23055/info w-Agora is prone to multiple arbitrary file-upload vulnerabilities. An attacker can exploit these vulnerabilities to upload PHP script code and execute it in the context of the webserver process. w-Agora 4.2.1 ...
Killer Protection 1.0 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5905/info The Killer Protection PHP script is prone to an information-disclosure issue. Reportedly, unauthorized users can access sensitive user data by requesting the 'vars.inc' file in a malicious HTTP request. Exploiti...
Laurent Adda Les Commentaires 2.0 PHP Script fonctions.lib.php Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be...
pMachine 1.0/2.x Multiple Script sfx Parameter Path Disclosure
No description provided by source. source: http://www.securityfocus.com/bid/7980/info It has been reported that pMachine is prone to remote a patch disclosure vulnerability when accessing various scripts. When a request is made for a target PHP script, possibly requiring a blank URI parameter,...
Laurent Adda Les Commentaires 2.0 PHP Script admin.php Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be...
GuestBookPlus HTML Injection & Bypass Comments Limit
No description provided by source. ======================================================================= In the name of ALLAH ! ======================================================================= GuestBookPlus Script PHP HTML Injection Vuln...