950 matches found

exploitpack
added 2011/07/04 12:0 a.m., 14 views

WeBid 1.0.2 - converter.php Remote Code Execution

WeBid 1.0.2 - converter.php Remote Code Execution checkmysql$res, $query, LINE, FILE; 157. $itemtitle = mysqlresult$res, 0, 'title'; Input passed through $REQUEST'auctionid' isn't properly sanitised before being used in the SQL query at line 154. - Vulnerable code to SQL injection works with...

AI score: 8.1
Exploits: 0

0day.today
added 2011/06/28 12:0 a.m., 9 views

BlogIt <= 1.6.0 Php Code Injection Vulnerability

Exploit for php platform in category web applications =================================================================== BlogIt Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 0 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-1 + Discovered B...

AI score: 7.1
Exploits: 0

OSV
added 2011/02/03 5:0 p.m., 4 views

CVE-2009-5053

Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file...

AI score: 7.7
Exploits: 0 | References: 1

Prion
added 2011/02/03 5:0 p.m., 12 views

Code injection

Unspecified vulnerability in Smarty before 3.0.0 beta 6 allows remote attackers to execute arbitrary PHP code by injecting this code into a cache file...

CVSS: 7.5 | AI score: 8 | EPSS: 0.0046
Exploits: 0 | References: 1 | Affected Software: 1

myhack58
added 2010/11/07 12:0 a.m., 102 views

MetInfo 3.0 PHP code injection vulnerability(getshell)-vulnerability warning-the black bar safety net

Official website: http://www.metinfo.cn/ Keyword:"Powered by MetInfo 3.0" Description: In the file/include/common. inc. php 6 line 7: evalbase64decode$allclass0; $allclass0 variable is not initialized, so we can control its value, the code injection use. POC: the...

AI score: 0.2
Exploits: 0

0day.today
added 2010/10/29 12:0 a.m., 15 views

RoSPORA <= 1.5.0 Remote PHP Code Injection

Exploit for php platform in category web applications ========================================== RoSPORA '; 671. $link=$SERVER'PHPSELF'."?f=".$flag."&s="; 672. 673. if !empty$plarray 674. 675. usort$plarray, createfunction'$a, $b', 'if $a'.$sort.' == $b'.$sort.' return 0; if $a'.$sort.'...

AI score: 7.1
Exploits: 0

exploitpack
added 2010/10/28 12:0 a.m., 10 views

RoSPORA 1.5.0 - Remote PHP Code Injection

RoSPORA 1.5.0 - Remote PHP Code Injection '; 671. $link=$SERVER'PHPSELF'."?f=".$flag."&s="; 672. 673. if !empty$plarray 674. 675. usort$plarray, createfunction'$a, $b', 'if $a'.$sort.' == $b'.$sort.' return 0; if $a'.$sort.' '.$sorttype.' $b'.$sort.' return -1; return 1;'; 676. Input parameter...

AI score: 0.3
Exploits: 0

securityvulns
added 2010/05/11 12:0 a.m., 59 views

SA00001-2010

Vulnerability Report 1. Affected software OrangeHRM 2.5.0.4 Prior versions may also be affected. "OrangeHRM is an Open Source HRM system. It provides an ideal solution for small and medium sized enterprises looking for an inexpensive way to effectively manage and develop their human resources."...

AI score: 0.7
Exploits: 0

myhack58
added 2009/12/24 12:0 a.m., 24 views

MvMmall vulnerability analysis-vulnerability warning-the black bar safety net

Author: Sobiny Through the analysis. This program session in the recording mode by include/session. class. php file. This file mvmsession class view source print? 0 1. function handler 0 2. sessionmodulename’user’; 0 3. sessionsetsavehandler 0 4. array’mvmsession’, ’open’, 0 5...

AI score: 7
Exploits: 0

Tenable Nessus
added 2009/11/03 12:0 a.m., 21 views

osCommerce file_manager.php Arbitrary PHP Code Injection

The version of osCommerce hosted on the remote web server allows a remote attacker to access the Admin filemanager utility without authentication. Further, this utility appears to allow arbitrary PHP code to be stored in files under the web server's document directory and then executed subject to...

AI score: 6
Exploits: 0 | References: 1

seebug.org
added 2009/09/05 12:0 a.m., 17 views

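PABox Admin Control Panel PHP Code Injection Vulnerability

BUGTRAQ: 8068 The administrator control panel module of paBox has a flaw in its function for banning users from access; a remote attacker can exploit this vulnerability to execute arbitrary commands on the system with the privileges of the web server. If a user can log in to the administrator control panel, the bannedusers.php script does not sufficiently check user-supplied URI variables, so an attacker can define variables through global injection and submit a PHP file on a remote system as the value of the $file variable, which causes the malicious code in that PHP file to be executed with the privileges of the web process. paBox 1.6 Vendor patch: PHP Arena --------- The vendor has not yet provided a patch or upgrade; we recommend that users of this software watch the vendor's home page for the latest version:...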

AI score: 7.1
Exploits: 0

exploitpack
added 2009/08/14 12:0 a.m., 10 views

Ignition 1.2 - comment Remote Code Injection

Ignition 1.2 - comment Remote Code Injection Ignition Remote Code Execution AUTHOR : Sina Yazdanmehr R3d.W0rm Discovered by : Sina Yazdanmehr R3d.W0rm Our Site : http://IrCrash.com My Official WebSite : http://R3dW0rm.ir IRCRASH Team Members : Khashayar Fereidani - R3d.w0rm Sina Yazdanmehr Downlo...

Exploits: 0

CVE
added 2009/08/11 10:0 a.m., 39 views

CVE-2009-2736

CVE-2009-2736 concerns sun-jester OpenNews 1.0. The vulnerability is a static code injection in admin.php that allows remote authenticated administrators to inject arbitrary PHP code into config.php via the “Overall Width” field in a setconfig action. The issue originates from the admin.php compo...

CVSS: 6.5 | AI score: 7 | EPSS: 0.01511
Exploits: 0 | References: 5 | Affected Software: 1

seebug.org
added 2009/07/28 12:0 a.m., 18 views

Allomani Mobile 2.5 Remote Blind SQL Injection Exploit

No description provided by source.

AI score: 7.1
Exploits: 0

CVE
added 2009/07/08 3:0 p.m., 42 views

CVE-2009-2371

The CVE-2009-2371 entry affects the Drupal module Advanced Forum (6.x) prior to 6.x-1.1. The issue arises when the module allows users to modify their signatures after the comment format has been switched to an administrator-controlled input format, enabling remote authenticated users to inject a...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.00642
Exploits: 0 | References: 5 | Affected Software: 1

seebug.org
added 2009/06/15 12:0 a.m., 47 views

DB Top Sites 1.0 Remote Command Execution Exploit

No description provided by source. ?php / ------------------------------------------------------------ + About DB Top Sites v1.0 Remote Command Execution Exploit Script homepage : http://www.jnmsolutions.co.uk/topsites/ Author : SirGod Thanks to : Nytro Website : www.mortal-team.org...

AI score: 7.1
Exploits: 0

Exploit DB
added 2009/06/09 12:0 a.m., 290 views

phpMyAdmin - '/scripts/setup.php' PHP Code Injection

!/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testing this PoC script and providing feedback! PoC...

CVSS: 9.8 | AI score: 7 | EPSS: 0.93271
Exploits: 16

exploitpack
added 2009/06/09 12:0 a.m., 69 views

phpMyAdmin - scriptssetup.php PHP Code Injection

phpMyAdmin - scriptssetup.php PHP Code Injection !/bin/bash CVE-2009-1151: phpMyAdmin '/scripts/setup.php' PHP Code Injection RCE PoC v0.11 by pagvac gnucitizen.org, 4th June 2009. special thanks to Greg Ose labs.neohapsis.com for discovering such a cool vuln, and to str0ke milw0rm.com for testin...

CVSS: 7.5 | AI score: 0.3 | EPSS: 0.93271
Exploits: 16

Packet Storm
added 2009/05/15 12:0 a.m., 28 views

Harland Scripts Command Execution

AI score: 0.1
Exploits: 0

0day.today
added 2009/05/12 12:0 a.m., 17 views

Bitweaver <= 2.6 saveFeed() Remote Code Execution Exploit

Exploit for unknown platform in category web applications ========================================================= Bitweaver saveFeed $rssversionname, $cacheFile ; ... it calls saveFeed function in an insecure way, arguments are built on $REQUESTversion var and may contain directory traversal...

AI score: 7.1
Exploits: 0