Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit

No description provided by source. ?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : Fly-High CMS...

cPanel <= 11.21 - 'wwwact' Remote Privilege Escalation Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the affected...

AzDGVote 0 Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17447/info AzDGVote is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/22191/info Multiple VoIP phones using the Aredfox PA168 Chipset are prone to a session-hijacking vulnerability due to a design error. An attacker can exploit this issue to gain administrative access to the embedded...

GenesisTrader 1.0 form.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple information-disclosure...

ezContents 2.0.3 toprated.php GLOBALS[language_home] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...

e107 website system 0.6 "email article to a friend" Feature XSS

No description provided by source. source: http://www.securityfocus.com/bid/10436/info e107 is prone to multiple cross-site scripting, HTML injection, file inclusion, and SQL injection vulnerabilities. This may compromise various security properties of a Web site running the software, including...

Indexu 5.0 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/17470/info The 'indexu' application is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these...

mcGalleryPRO <= 2006 (path_to_folder) Remote Include Vulnerability

No description provided by source. SolpotCrew Community Mcgallerypro pathtofolder Remote File Inclusion Download file : http://phpforums.net/mcgp/mcgp.zip/mcgp.zip Bug Found By :Solpot a.k.a k. Hasibuan 10-09-2006 contact: [email protected] Website :...

DoceboLMS 2.0.x Lang Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18110/info DoceboLMS is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include...

Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

VWar 1.5 joinus.php vwar_root Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19387/info VWar is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

L2J Statistik Script <= 0.09 (index.php page) Local File Include Exploit

No description provided by source. ? print ' | \ | \ \ / | | | | | | | \ \ \ / \ \ | \ \ / \ | \ | | | / \ | \ \ \ / / | | | | | | | | | | ||/ // |./ |/\ ./ |/ || | \ \ / \ \ / | | | / | | | | | | \ | \ \ | \ | | / | | | / | | | / | |/ ,||./ | |,||\ Rev.4 www.codebreak.tk -...

Community CMS 0.1 'include.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30275/info Community CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the...

Dotproject 2.0 /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

IceWarp Universal WebMail /mail/include.html - Crafted HTTP_USER_AGENT Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/16069/info IceWarp Universal WebMail is prone to multiple input-validation vulnerabilities. Deerfield VisNetic Mail Server and Merak Mail Server integrate IceWarp Universal WebMail into their suites. An attacker can explo...

ezContents 2.0.3 calendar.php GLOBALS[language_home] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...

PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit

No description provided by source. ?php / ------------------------------------------------------------- PmWiki = 2.2.34 pagelist Remote PHP Code Injection Exploit ------------------------------------------------------------- author...............: Egidio Romano aka EgiX mail.................:...

ExBB 1.9.1 Home_Path Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19787/info ExBB is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...

CMS Made Simple 0.10 Lang.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14709/info CMS Made Simple is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may exploit this issue to execute arbitra...