CVE-2014-2088
Summary : CVE-2014-2088 refers to an unrestricted file upload in ILIAS 4.4.1 (ilias.php) that allows remote authenticated users to execute arbitrary PHP code by uploading a .php filename via the upload_files action to the uploadFiles command and then accessing the uploaded file through a client_i...
Code injection
admin/libraries/view.functions.php in FreePBX 2.9 before 2.9.0.14, 2.10 before 2.10.1.15, 2.11 before 2.11.0.23, and 12 before 12.0.1alpha22 does not restrict the set of functions accessible to the API handler, which allows remote attackers to execute arbitrary PHP code via the function and args...
Kloxo SQL Injection and Remote Code Execution Vulnerability
No description provided by source. This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 < Msf::Exploit::Remote include Msf::Exploit::Remote::HttpClient include Msf::Exploit::FileDropper Ran...
EasyTalk Open-Source Microblog System SQL Injection
Brief description: If you do development, making the product itself secure is the right way, rather than relying on so-called security products to help defend it! Details: Location: Home/Lib/Action/SpaceAction.class.php Code snippet // profile: get the user public function getuser() { if ($this->my['username'] == $_GET['username']) $user = $this->my; else // the $_GET['username'] parameter is not filtered; this $_GET['username'] is the one in the URL t.nextsns.com/?username...
Kloxo SQL Injection / Remote Code Execution Exploit
This Metasploit module exploits an unauthenticated SQL injection vulnerability affecting Kloxo, as exploited in the wild on January 2014. The SQL injection issue can be abused in order to retrieve the Kloxo admin cleartext password from the database. With admin access to the web control panel,...
Comet WebFileManager CheckUpload.php Language Parameter PHP Code Execution - Ver2 (CVE-2006-4077)
A code execution vulnerability has been reported in Vincenzo Valvano Comet WebFileManager CWFM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Joomla JomSocial 2.6 Code Execution
#!/usr/bin/python Joomla! JomSocial component <= 2.6 PHP code execution exploit Authors: - Matias Fontanini - Gaston Traberg This exploit allows the execution of PHP code without any prior authentication on the Joomla! JomSocial component. Note that in order to be able to execute PHP code, both the...
Boite de News index.php url_index Parameter PHP Code Execution - Ver2 (CVE-2006-4123)
A code execution vulnerability has been reported in Boite de News. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
bloofoxCMS Multiple Security Vulnerabilities
Bugtraq ID: 65019 bloofox CMS is a content management system. bloofox CMS does not properly filter user-submitted input, allowing remote attackers to exploit the flaws for SQL injection, file inclusion and cross-site request forgery attacks. 0 bloofox CMS 0.5.0 No detailed solution is currently available: http://www.bloofox.com/download.21.html EXPLOIT http://localhost/admin/index.php?mode=settings&page=editor&fileurl=config.php #!/usr/bin/perl Title : bloofoxCMS V0.5.0...
Multiple Vulnerabilities in Eventum
High-Tech Bridge Security Research Lab discovered a vulnerability in Eventum, which can be exploited to reinstall and compromise the vulnerable application. 1) Incorrect Default Permissions in Eventum: CVE-2014-1631 The vulnerability exists due to an incorrect default permission set for the installation script...
bloofoxCMS 0.5.0 CSRF / PHP Code Injection
#!/usr/bin/perl Title : bloofoxCMS V0.5.0 - Csrf inject php code Author : AtT4CKxT3rR0r1ST Contact : [email protected] , [email protected] Home : http://www.iphobos.com/blog/ Script : http://www.bloofox.com/download.21.html Version : 0.5.0 Dork : "Powered by bloofoxCMS" Vulnerability In Languag...
BloofoxCMS 0.5.0 - Multiple Vulnerabilities
BloofoxCMS 0.5.0 - Multiple Vulnerabilities bloofoxCMS V0.5.0 - Multiple Vulnerabilities =================================================================== .:. Author : AtT4CKxT3rR0r1ST .:. Contact : [email protected] , [email protected] .:. Home : http://www.iphobos.com/blog/ .:. Script :...
[Weevely v1.1] Stealth tiny PHP web shell
Weevely is a stealth PHP web shell that provides a telnet-like console. It is an essential tool for web application post-exploitation, and can be used as a stealth backdoor or as a web shell to manage legitimate web accounts, even free hosted ones. Weevely is currently included in Backtrack and Backbox...
vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload', 'Description' = %q vTiger CRM allows a user to...
Knusperleicht Shoutbox index.php sb_include_path Parameter PHP Code Execution - Ver2 (CVE-2006-3989)
A code execution vulnerability has been reported in Knusperleicht Shoutbox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
IRSR pageheaderdefault.inc.php sysSessionPath Parameter PHP Code Execution - Ver2 (CVE-2006-4237)
A code execution vulnerability has been reported in Invisionix Roaming System Remote IRSR. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
vTiger CRM 5.4.0 SOAP - AddEmailAttachment Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'vTiger CRM SOAP AddEmailAttachment Arbitrary File Upload', 'Description' = %q vTiger CRM allows a user to...
TYPO3 Autoloader Command Execution Vulnerability
TYPO3 is prone to a command execution vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:typo3:typo3"; if(description)...
PT-2014-87: Local File Inclusion in ShopOS
The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the index.php script allows remote attackers to include files located on the attacked server and thus execute PHP code. It may result in sensiti...
PT-2014-85: Local File Inclusion in ShopOS
The specialists of the Positive Research center have detected a Local File Inclusion vulnerability in ShopOS. Insufficient validation of user input in the 3.php script allows remote attackers to include files located on the attacked server and thus execute PHP code. It may result in sensitive...