7207 matches found
SPIP 'connect' Parameter PHP Code Injection Vulnerability (Aug 2013) - Active Check
SPIP is prone to a remote PHP code injection vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:spip:spip"; if...
Multiple Vulnerabilities in Gnew
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Gnew, which can be exploited to execute arbitrary PHP code and pefrom SQL injection attacks against vulnerable application. 1 PHP File Inclusion in Gnew: CVE-2013-5639 Vulnerability exists due to insufficient validation...
mooSocial 1.3 - Multiple Vulnerabilities
mooSocial 1.3 - Multiple Vulnerabilities Exploit Title: mooSocial 1.3 - Multiple Vulnerabilites Official site: http://www.moosocial.com Risk Level: High Exploit Author: Esac Homepage author : www.iss4m.ma Last Checked: 22/08/2013 +----------+ | OVERVIEW | +----------+ mooSocial is a social...
OpenX flowplayer-3.1.1.min.js Backdoor Remote Code Execution
The version of OpenX installed on the remote host contains a backdoor and allows the execution of arbitrary PHP code, subject to the privileges under which the web server operates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...
OpenNetAdmin 'ona.log' File Remote PHP Code Execution Vulnerability
OpenNetAdmin is prone to a remote PHP code-execution vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
OpenX Releases Security Update
OpenX has released an important security update for OpenX Source, the open source ad serving product. The downloadable ZIP archive of OpenX Source 2.8.10 was compromised to include a backdoor that would allow an attacker to upload and execute arbitrary PHP code. Compromised OpenX Source ad server...
Unrestricted file upload
Unrestricted file upload vulnerability in view.php in Machform 2 allows remote attackers to execute arbitrary PHP code by uploading a PHP file, then accessing it via a direct request to the file in the upload form's directory in data/...
OpenNetAdmin 13.03.01 - Remote Code Execution
Exploit Title: OpenNetAdmin Remote Code Execution Date: 03/04/13 Exploit Author: Mandat0ry aka Matthew Bryant Vendor Homepage: http://opennetadmin.com/ Software Link: http://opennetadmin.com/download.html Version: 13.03.01 Tested on: Ubuntu CVE : No CVE exists - 0day exploit - probably works on t...
OpenNetAdmin 13.03.01 - Remote Code Execution
OpenNetAdmin 13.03.01 - Remote Code Execution Exploit Title: OpenNetAdmin Remote Code Execution Date: 03/04/13 Exploit Author: Mandat0ry aka Matthew Bryant Vendor Homepage: http://opennetadmin.com/ Software Link: http://opennetadmin.com/download.html Version: 13.03.01 Tested on: Ubuntu CVE : No C...
OpenNetAdmin 13.03.01 Remote Code Execution
Exploit Title: OpenNetAdmin Remote Code Execution Date: 03/04/13 Exploit Author: Mandat0ry aka Matthew Bryant Vendor Homepage: http://opennetadmin.com/ Software Link: http://opennetadmin.com/download.html Version: 13.03.01 Tested on: Ubuntu CVE : No CVE exists - 0day exploit - probably works on t...
CVE-2013-3651
LOCKON EC-CUBE 2.11.2 through 2.12.4 allows remote attackers to conduct unspecified PHP code-injection attacks via a crafted string, related to data/class/SCCheckError.php and data/class/SCFormParam.php...
PHP PHP-Charts Remote Code Execution
The vulnerability is due to lack of input sanitization in the affected function. A remote attacker can exploit this issue by sending a specially crafted script to the target server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary PHP code...
imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload
imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload ?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit...
Fly-High CMS 2012-07-08 Shell Upload
?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : Fly-High CMS Unrestricted File Upload Exploit...
Havalite CMS 1.1.7 - Unrestricted Arbitrary File Upload
Havalite CMS 1.1.7 - Unrestricted Arbitrary File Upload ?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit...
Havalite CMS 1.1.7 - Unrestricted File Upload Exploit
Exploit for php platform in category web applications ?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit...
Havalite CMS 1.1.7 Shell Upload
?php / ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : Havalite CMS Unrestricted File Upload Exploit...
230CMS Remote Code Execution Exploit
Exploit for php platform in category web applications '; $defaulttime = isset$POST'defaulttime' ? $POST'defaulttime' : 'UTC'; $dbhost = isset$POST'dbhost' ? $POST'dbhost' : 'localhost'; $dbname = isset$POST'dbname' ? $POST'dbname' : ''; $dbuser = isset$POST'dbuser' ? $POST'db...
PHP file include vulnerability attack and Defense combat-vulnerability warning-the black bar safety net
Summary PHP is a very popular Web development language on the Internet many Web applications are using PHP development. And in the use of PHP development of Web applications, PHP file include vulnerability is a Common Vulnerability. The use of PHP file include vulnerabilities intrusion website is...
mkCMS - 'index.php' Arbitrary PHP Code Execution
source: https://www.securityfocus.com/bid/60488/info mkCMS is prone to an arbitrary PHP code-execution vulnerability. An attacker can exploit this issue to execute arbitrary PHP code within the context of the affected application. mkCMS 3.6 is vulnerable; other versions may also be affected...