Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' ----------------------------------------------------------------------------- Limbo = 1.0.4.2L comcontact remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org dorks:...

ownCloud 4.0.x, 4.5.x (upload.php, filename param) - Remote Code Execution

No description provided by source. Vulnerability title: Remote Code Execution in ownCloud CVE: CVE-2014-2044 Vendor: ownCloud Product: ownCloud Affected version: 4.0.x & 4.5.x Fixed version: 5.0 Reported by: Alejo Murillo Moya Details: A remote code execution has been found and confirmed within...

lastRSS autoposting bot MOD 0.1.3 'phpbb_root_path' Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/33843/info lastRSS autoposting bot MOD is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote...

KC Wiki 1.0 - simplest/wiki.php page Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/28074/info KC Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

Indexu 5.0.1 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18477/info Indexu is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include...

Mambo LMTG Myhomepage 1.2 Component Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19584/info The lmtgmyhomepage component for Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitra...

MyBloggie 2.1.x Mybloggie_Root_Path Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19449/info MyBloggie is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

@lex Guestbook <= 4.0.2 - Remote Command Execution Exploit

No description provided by source. !/usr/bin/php ?php // | | header @lex Guestbook = 4.0.2 Remote Command Execution Exploit | header ======================================================== | status Retrieving the administrator password | sploit AdminUsername::root | sploit AdminPassword::toor |...

PHPGroupWare 0.9.14 Tables_Update.Inc.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12074/info phpGroupWare is prone to a remote file include vulnerability, potentially allowing the execution of malicious PHP code. This would occur in the context of the affected web server. The tablesupdate.inc.php scrip...

PEEL 1.0 b Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6496/info PEEL is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. An attacker may exploit this by supplying a path to a maliciously created file, located on an...

HiveMail 1.2.2/1.3 folders.update.php folderid Variable Arbitrary PHP Command Execution

No description provided by source. source: http://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result ...

Shop-Script FREE <= 2.0 - Remote Command Execution Exploit

No description provided by source. ?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo --------------------------------------------------------\n; echo Shop-Script...

AppServ Open Project 2.4.5 - Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16166/info AppServ Open Project is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute...

vTiger CRM SOAP AddEmailAttachment - Arbitrary File Upload

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include REXML include...

Tiki Wiki <= 8.3 unserialize() PHP Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19593/info The Mambo Rssxt component for Joomla and Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an...

Wordpress Plugin WP-Syntax <= 0.9.1 - Remote Command Execution

No description provided by source. ============================================================ Wordpress Plugin WP-Syntax = 0.9.1 Remote Command Execution ============================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /...

cms s.builder <= 3.7 - Remote File Inclusion Vulnerability

No description provided by source. CMS S.Builder = 3.7 RFI Vulnerability Information: Vendor: http://www.sbuilder.ru Affected versions: 3.7 and possibly later versions Description: The engine of this cms makes site files index.php, etc with code like: --- PHP Code: if...

Xcms 1.1/1.7 Password Parameter Arbitrary PHP Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25771/info Xcms is prone to a vulnerability that lets attackers execute arbitrary PHP code because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary...

MiniBB 1.5 News.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19095/info MiniBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP co...