Woltlab Burning Board 2.3.X SQL Injection Vulnerability

Use it like this: http://127.0.0.1/wbb2/thread.php?threadid=1&page=-1 Ok, its kinda useless 'cause it's an "ORDER BY", but u can see: - the PHP Version - the MySQL version - the wBB Version when it has been faked or removed Greets, 666 - www.sr-crew.de.tt...

PmWiki < 2.1.21 Global Variables Overwriting

The version of PmWiki installed on the remote host contains a programming flaw in 'pmwiki.php' that may allow an unauthenticated remote attacker to overwrite global variables used by the application, which could in turn be exploited to execute arbitrary PHP code on the affected host, subject to t...

e107 ibrowser.php zend_has_del() Function Remote Code Execution

The 'e107handlers/tinymce/plugins/ibrowser/ibrowser.php' script included with the version of e107 installed on the remote host contains a programming flaw that may allow an unauthenticated, remote attacker to execute arbitrary PHP code on the affected host, subject to the privileges of the web...

MercuryBoard <= 1.1.4 (User-Agent) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =============================================================== MercuryBoard 4.1 allowing subs not working for me, so I wrote my version vulnerability is actually unpatched... / if $argc3 printr'...

PHP <= 4.4.3 / 5.1.4 (objIndex) Local Buffer Overflow Exploit PoC

Exploit for unknown platform in category web applications ================================================================= PHP = 4.4.3 / 5.1.4 objIndex Local Buffer Overflow Exploit PoC ================================================================= ?php / Author: Heintz Date: 4-th august 2006...

CVE-2006-1549

PHP 4.4.2 and 5.1.2 allows local users to cause a crash segmentation fault by defining and executing a recursive function. NOTE: it has been reported by a reliable third party that some later versions are also affected...

Design/Logic Flaw

PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the htmlentitydecode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to a...

CVE-2006-1490

PHP before 5.1.3-RC1 might allow remote attackers to obtain portions of memory via crafted binary data sent to a script that processes user input in the htmlentitydecode function and sends the encoded results back to the client, aka a "binary safety" issue. NOTE: this issue has been referred to a...

PHP 4.x5.x - Html_Entity_Decode() Information Disclosure

PHP 4.x5.x - HtmlEntityDecode Information Disclosure source: https://www.securityfocus.com/bid/17296/info PHP 'htmlentitydecode' function is prone to an information-disclosure vulnerability. This issue arises when a script using the function accepts data from a remote untrusted source and returns...

PHP <= 4.4.0 (mysql_connect function) Local Buffer Overflow Exploit

Exploit for unknown platform in category local exploits =================================================================== PHP = 4.4.0 mysqlconnect function Local Buffer Overflow Exploit =================================================================== ?php / This exploit was designed to work...

Horde Information Disclosure Vulnerability (Nov 2005) - Active Check

Horde is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2004 Sverre H. Huseby Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

PHP < 4.1.2 POST File Uploads Vulnerabilities - Active Check

There are several flaws in how PHP handles multipart/form-data POST requests, any one of which can allow an attacker to gain remote access to the system. SPDX-FileCopyrightText: 2002 Thomas Reinke Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

PHP 4.x < 4.4.0 / 5.x < 5.0.6 GLOBAL Variable Overwrite

Binary data 3273.prm...

Multiple Vulnerability In-Portal.net

Multiple Vulnerability In-Portal.net In-Portal Site Package - Price:$295 Quote: "our most popular products designed to run a successful portal or a community web site. It is equipped with the latest In-portal Platform, In-link Directory Management, In-newz News Management and In-bulletin Discussi...

MidiCart PHP - &#039;Item_List.php?SecondGroup&#039; SQL Injection

source: https://www.securityfocus.com/bid/13514/info MidiCart PHP is prone to an SQL-injection vulnerability because it fails to properly sanitize user-supplied input before using it in an SQL query. A successful exploit could allow an attacker to compromise the application, access or modify data...

security flaw

The phphandleiff function in image.c for PHP 4.2.2, 4.3.9, 4.3.10 and 5.0.3, as reachable by the getimagesize PHP function, allows remote attackers to cause a denial of service infinite loop via a -8 size value...

security flaw

PHP 4.0 with cURL functions allows remote attackers to bypass the openbasedir setting and read arbitrary files via a file: URL argument to the curlinit function...

CVE-2004-1063

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safemodeexecdir restrictions and execute commands outside of the intended safemodeexecdir via shell metacharacters in the current directory name. NOTE: this issue was...

CVE-2004-1063

PHP 4.x to 4.3.9, and PHP 5.x to 5.0.2, when running in safe mode on a multithreaded Unix webserver, allows local users to bypass safemodeexecdir restrictions and execute commands outside of the intended safemodeexecdir via shell metacharacters in the current directory name. NOTE: this issue was...

PHP < 5.0.2 Open Bracket Memory Disclosure

Binary data 2354.prm...