7207 matches found
ImpressPages cm_group Parameter Remote PHP Code Execution
The ImpressPages install hosted on the remote web server contains a flaw that allows arbitrary PHP code execution. Input passed to the 'cm_group' parameter is not properly sanitized before being used in a PHP eval function call. An unauthenticated, remote attacker can leverage this vulnerability t...
Prizm Content Connect default.aspx document Parameter Remote File Inclusion
The remote web server hosts Prizm Content Connect, a fully customizable document viewer. The 'default.aspx' script included with the install fails to sanitize user input to the 'document' parameter before reading a file. A remote attacker can leverage this issue to view arbitrary files or execute...
HTTP File Server Multiple Vulnerabilities
HTTP File Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:httpfilesever:hfs";...
Ajax File Manager Remote Code Execution Exploit
Ajax File Manager is vulnerable to arbitrary PHP code injection, and there is no solution from the vendor. This is a private exploit. You can buy it at https://0day.today...
php-Charts url.php Remote PHP Code Execution
The php-Charts install hosted on the remote web server contains a flaw that could allow arbitrary PHP code execution. Input passed to the 'wizard/url.php' script is not properly sanitized before being used in a PHP eval call. An unauthenticated, remote attacker could leverage this vulnerability t...
ArrowChat 1.5.61 Cross Site Scripting / Local File Inclusion
ArrowChat versions 1.5.61 and below suffer from cross site scripting and local file inclusion vulnerabilities. Exploit Title: ArrowChat <= 1.5.61 Multiple vulnerabilities Date: 01/01/2013 Exploit Author: Kallimero Vendor Homepage: http://www.sitexcms.org/ Version: 1.5.61, before, and maybe 1.6...
DataLife Engine preview.php PHP Code Injection
Exploit for php platform in category remote exploits require 'msf/core' class Metasploit3 'DataLife Engine preview.php PHP Code Injection', 'Description' = %q This module exploits a PHP code injection vulnerability DataLife Engine 9.7. The vulnerability exists in preview.php, due to an insecure...
DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability
Exploit for php platform in category web applications ------------------------------------------------------------------ DataLife Engine 9.7 preview.php PHP Code Injection Vulnerability ------------------------------------------------------------------ - Software Link: http://dleviet.com/ -...
DataLife Engine 9.7 - 'preview.php' PHP Code Injection
------------------------------------------------------------------ DataLife Engine 9.7 preview.php PHP Code Injection Vulnerability ------------------------------------------------------------------ - Software Link: http://dleviet.com/ - Affected Version: 9.7 only. - Vulnerability Description: Th...
DataLife Engine 9.7 - preview.php PHP Code Injection
DataLife Engine 9.7 - preview.php PHP Code Injection ------------------------------------------------------------------ DataLife Engine 9.7 preview.php PHP Code Injection Vulnerability ------------------------------------------------------------------ - Software Link: http://dleviet.com/ - Affect...
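Drupal Video Module Arbitrary PHP Code Execution Vulnerability
BUGTRAQ ID: 57525 Drupal is an open-source content management platform. The Drupal Video 7.x-2.x module contains an arbitrary PHP code execution vulnerability that an attacker can exploit to execute arbitrary PHP code in the context of the web server. Drupal Video module Vendor patch: Drupal ------ The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's homepage: http://drupal.org/project/video...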
Floating Social Media Links Plugin for WordPress 'wpp' Parameter Remote File Inclusion
The Floating Social Media Links Plugin for WordPress installed on the remote host is affected by a remote file inclusion vulnerability due to a failure to properly sanitize user-supplied input to the 'wpp' parameter of the 'fsml-hideshow.js.php' script. This vulnerability could allow an...
CVE-2012-6509
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php%00.jpg...
Unrestricted file upload
Unrestricted file upload vulnerability in NetArt Media Car Portal 3.0 allows remote attackers to execute arbitrary PHP code by uploading a file with a double extension, as demonstrated by .php%00.jpg...
SQLiteManager 1.2.4 - Remote PHP Code Injection
SQLiteManager 1.2.4 - Remote PHP Code Injection #!/usr/bin/env python ''' Description: =============================================================== Exploit Title: SQLiteManager 0Day Remote PHP Code Injection Vulnerability Google Dork: intitle:SQLiteManager inurl:sqlite/ Date: 23/01/2013 Exploit...
Server: Code execution in external storage
Because user input in "settings/personal.php" is not sufficiently sanitized in ownCloud 4.5.x before 4.5.6, an authenticated remote attacker may be able to execute arbitrary code by entering specially crafted PHP code in the mount point settings. For more information please consult the official...
Joomla! com_collector Component Arbitrary File Upload Vulnerability (Jan 2013) - Active Check
Joomla! with com_collector component is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
PHP-Charts - Arbitrary PHP Code Execution
PHP-Charts - Arbitrary PHP Code Execution =============================================================== Vulnerable Software: php-chartv1.0 Official Site: http://php-charts.com/ Vuln: PHP Code Execution. =============================================================== Tested On: Debian squeeze...
WordPress Shopping Cart Plugin Multiple Vulnerabilities
WordPress Shopping Cart Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
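TYPO3 T3 jQuery Extension Arbitrary PHP Code Execution Vulnerability
BUGTRAQ ID: 57280 Typo3 is an open-source content management system (CMS) and content management framework (CMF). TYPO3 T3 jQuery 2.2.0 and earlier versions use "unserialize" on user-controlled input, which can be exploited to execute arbitrary PHP code. TYPO3 T3 jQuery extension <= 2.2.0 Vendor patch: TYPO3 ----- TYPO3 has released a security advisory (typo3-ext-sa-2013-001) and a corresponding patch for this issue: typo3-ext-sa-2013-001:TYPO3-EXT-SA-2013-001: Several vulnerabilities in thir...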