Lucene search
K

1132 matches found

exploitpack
exploitpack
added 2003/10/04 12:0 a.m.13 views

EternalMart Mailing List Manager 1.32 - Remote File Inclusion

EternalMart Mailing List Manager 1.32 - Remote File Inclusion source: https://www.securityfocus.com/bid/8767/info EternalMart Mailing List Manager and Guestbook are prone to remote file-include vulnerabilities. Remote attackers may cause malicious PHP code to run on the webserver...

0.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/09/24 12:0 a.m.56 views

PHP < 4.3.3 Multiple Vulnerabilities

The remote host is running a version of PHP that is older than 4.3.3. All versions of PHP 4 older than 4.3.3 contain multiple integer overflow vulnerabilities that may allow an attacker to execute arbitrary commands on this host. Another problem may also invalidate safemode. %NASLMINLEVEL 70300 C...

10CVSS5.6AI score0.06982EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2003/09/13 12:0 a.m.19 views

myPHPNuke.txt

Informations : °°°°°°°°°°°°° Language : PHP Version : 1.8.87 Website : http://www.myphpnuke.com Problems : - Upload/Copy/Include Files PHP Code/Location : °°°°°°°°°°°°°°°°°°° gallery/displayCategory.php : ------------------------------------------ ... attach;"; else die"No input file specified";...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/18 12:0 a.m.44 views

eStore SQL Injection Vulnerability & Path Disclosure

1ndonesian Security Team 1st http://bosen.net/releases/ ============================================================== Security Advisory Advisory Name: eStore SQL Injection Vulnerability & Path Disclosure Release Date: 07/15/2003 Application: eStore 1.0.1 eStore 1.0.2 eStore 1.0.2b Platform: PHP...

8.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2003/06/30 2:37 p.m.15 views

Important: Red Hat Security Advisory: : : : New PHP packages fix vulnerabilities

Updated PHP packages are available for Red Hat Linux on IBM iSeries and pSeries systems. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command...

7.5CVSS6.2AI score0.09725EPSS
Exploits0References2
securityvulns
securityvulns
added 2003/05/30 12:0 a.m.63 views

b2 cafelog 0.6.1 remote command execution.

Products: b2 cafelog 0.6.1 http://cafelog.com/ Date: 29 May 2003 Author: pokleyzz pokleyzzatscan-associates.net Contributors: skatscan-associates.net shaharilatscan-associates.net muniratscan-associates.net URL: http://www.scan-associates.net Summary: b2 cafelog 0.6.1 remote command execution...

1AI score
Exploits0
securityvulns
securityvulns
added 2003/05/16 12:0 a.m.29 views

OneOrZero Security Problems &#40;PHP&#41;

Informations : °°°°°°°°°°°°°° Website : http://www.oneorzero.com Version : 1.4 rc4 Problems : - SQL Injection - Admin Access PHP Code/Location : °°°°°°°°°°°°°°°°°°° supporter/tupdate.php : -------------------------------------------------------------------------- if$groupid == 'change' $sql =...

Exploits0
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.24 views

Inaccurate Reports Concerning PHP Vulnerabilities

There have been a number of reports circulating about possible vulnerabilities in PHP. I'm going to address them one-by-one: Integer Overflow in socketiovecalloc WRONG! This is a Null-pointer de-reference: EAX = 00000000 EDI = 41414141 0085353A 8B 38 mov edi,dword ptr eax The access violation...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2003/04/05 12:0 a.m.24 views

Inaccurate Reports Concerning PHP Vulnerabilities

There have been a number of reports circulating about possible vulnerabilities in PHP. I'm going to address them one-by-one: Integer Overflow in socketiovecalloc WRONG! This is a Null-pointer de-reference: EAX = 00000000 EDI = 41414141 0085353A 8B 38 mov edi,dword ptr eax The access violation...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2003/03/26 12:0 a.m.28 views

Multiple PHP problems

Local integer overflow in socketiovecalloc may be exploited if PHP is compiled with --enable-sockets option. Memory allocation troubles. Buffer overflow in openlog...

2.5AI score
Exploits0References7Affected Software1
RedHat Linux
RedHat Linux
added 2003/03/18 11:1 a.m.14 views

Important: Red Hat Security Advisory: apache, openssl, php security update for Stronghold

Updated versions of Stronghold 3.0 are available to fix a number of vulnerabilities in OpenSSL, Apache, and PHP. Stronghold 3.0 contains a number of open source technologies such as OpenSSL, Apache, and PHP. The following paragraphs describe a number of issues that have been found in versions of...

7.5CVSS7.2AI score0.17413EPSS
Exploits8References2
RedHat Linux
RedHat Linux
added 2003/03/03 9:16 a.m.11 views

Important: Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold

Updated versions of Stronghold 4 cross-platform are available to fix a number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat. Also included in this update are bug fixes for modproxy and the modauthzldap package. Stronghold 4 cross platform contains a number of open source technologies suc...

7.5CVSS7AI score0.13718EPSS
Exploits7References4
securityvulns
securityvulns
added 2003/01/11 12:0 a.m.51 views

Mambo Site Server Remote Code Execution

Mambo PHP-Portal Vulnerability By Mindwarper :: [email protected] :: ------- ------- ---------------------- Vendor Information: ---------------------- Homepage : http://www.mamboserver.com Vendor : informed Mailed advisory: 09/01/03 Vender Response : None yet ---------------------- Affected Version...

0.4AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.8 views

CVE-2002-2217

Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal WSC-WebPortal 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the 1 l parameter to customize.php or the 2 pg parameter to index.php...

7.5CVSS7.7AI score0.02055EPSS
Exploits1References8
securityvulns
securityvulns
added 2002/12/04 12:0 a.m.37 views

squirellmail php bugs

Uninitialized PHP valirables, crossite scripting...

2AI score
Exploits0References6Affected Software1
Exploit DB
Exploit DB
added 2002/11/26 12:0 a.m.25 views

FreeNews 2.1 - Include Undefined Variable Command Execution

source: https://www.securityfocus.com/bid/6258/info FreeNews is a freely available, open source News software package. It is written in PHP, and designed for use on Unix and Linux operating systems. Programming errors in FreeNews could lead to the inclusion of arbitrary files on remote servers in...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2002/11/08 11:15 a.m.7 views

Important: Red Hat Security Advisory: apache, mod_ssl, php security update for Stronghold

Updated versions of the Apache HTTP server, PHP, and modssl are now available which close possible buffer overflows in the Apache HTTP server benchmarking tool, fix two cross-site scripting vulnerabilities in the error pages, and fix possible local privilege escalation. These updates also fix...

7.5CVSS6.2AI score0.94006EPSS
Exploits0References2
securityvulns
securityvulns
added 2002/10/03 12:0 a.m.90 views

Multiple Web Security Holes

I sent this three times to webappsec but without resultats. I try so on bugtraq, although that is less appropriate. ----------------------------------------------------- Five products in PHP are vulnerable to various holes. 1 TightAuction Website : http://www.tightprices.com Tested Version : 3.0...

7AI score
Exploits0
Debian
Debian
added 2002/09/18 1:40 p.m.35 views

[SECURITY] [DSA 168-1] New PHP packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 168-1 [email protected] http://www.debian.org/security/ Martin Schulze September 18th, 2002 http://www.debian.org/security/faq -...

7.5CVSS0.2AI score0.0315EPSS
Exploits0
OSV
OSV
added 2002/09/18 12:0 a.m.22 views

DSA-168 php - bypassing safe_mode, CRLF injection

Bulletin has no description...

7.5CVSS6.1AI score0.0315EPSS
Exploits0
Rows per page
Query Builder