7206 matches found
Code injection
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted...
CVE-2011-4825
Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted...
Traq admincp/common.php Remote Code Execution
This module exploits an arbitrary command execution vulnerability in Traq 2.0 to 2.3. It's in the admincp/common.php script. This function is called in each script located in the /admicp/ directory to make sure the user has admin rights. This is a broken authorization schema because the header...
Docebo Lms 4.0.4 - Messages Remote Code Execution
Docebo Lms 4.0.4 - Messages Remote Code Execution if$GLOBALS'modname' != '' $modulecfg =& createModule...
Traq 2.3 - Authentication Bypass / Remote Code Execution
group'isadmin' 32. header"Location: login.php"; 33. This function is called in each script located into /admicp/ directory to make sure the user has admin rights, but this is a broken authorization schema due to the header function doesn't stop the execution flow. This can be exploited by malicio...
WikkaWiki Multiple Security Vulnerabilities
WikkaWiki is prone to multiple security vulnerabilities, including: 1. An SQL injection vulnerability. 2. An arbitrary file upload vulnerability. 3. An arbitrary file deletion vulnerability. 4. An arbitrary file download vulnerability. 5. A PHP code injection vulnerability. Attackers can exploit...
WikkaWiki Multiple Security Vulnerabilities
WikkaWiki is prone to multiple security vulnerabilities, including: - An SQL injection vulnerability. - An arbitrary file upload vulnerability. - An arbitrary file deletion vulnerability. - An arbitrary file download vulnerability. - A PHP code injection vulnerability. SPDX-FileCopyrightText: 201...
Support Incident Tracker 3.45 - 3.65 RCE Vulnerability
Support Incident Tracker is prone to a remote code execution RCE vulnerability because the application fails to sufficiently sanitize user-supplied input. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
PmWiki Pagelist 'order' Parameter PHP Code Injection Vulnerability
The host is running PmWiki and is prone to PHP code injection vulnerability. OpenVAS Vulnerability Test $Id: secpodpmwikipagelistorderparamphpcodeinjvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ PmWiki Pagelist 'order' Parameter PHP Code Injection Vulnerability Authors: Sooraj KS Copyright:...
PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Vulnerability
------------------------------------------------------------------- PmWiki = 2.2.34 pagelist Remote PHP Code Injection Vulnerability ------------------------------------------------------------------- author...............: Egidio Romano aka EgiX mail.................: n0b0d13satgmaildotcom...
PmWiki 2.2.34 - 'pagelist' Remote PHP Code Injection (1)
$r 454. if @$PageListSortCmp$o 455. $code .= "$c = $PageListSortCmp$o; "; 456. else 457. $code .= "$c = @strcasecmp$PCache$x'$o',$PCache$y'$o'; "; 458. $code .= "if $c return $r$c;\n"; 459. 460. StopWatch'PageListSort sort'; 461. if $code 462. uasort$list, 463. createfunction'$x,$y',...
PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Exploit
Exploit for php platform in category web applications $r 454. if @$PageListSortCmp$o 455. $code .= "$c = $PageListSortCmp$o; "; 456. else 457. $code .= "$c = @strcasecmp$PCache$x'$o',$PCache$y'$o'; "; 458. $code .= "if $c return $r$c;\n"; 459. 460. StopWatch'PageListSort sort'; 461. if...
Support Incident Tracker (SiT!) <= 3.65 Multiple Vulnerabilities
Support Incident Tracker SiT! is prone to multiple vulnerabilities. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...
Support Incident Tracker (SiT!) Multiple Input Validation Vulnerabilities
Support Incident Tracker SiT! is prone to the following input- validation vulnerabilities: 1. A cross-site scripting vulnerability 2. An SQL-injection vulnerability 3. A PHP code-injection vulnerability 4. A path-disclosure vulnerability 5. An arbitrary-file-upload vulnerability Exploiting these...
FreeWebShop 2.2.9 R2 - 'ajax_save_name.php' Remote Code Execution
get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key = $POST'value'; 46. $sessionAction-set$selectedDocum...
Wordpress Zingiri Plugin <= 2.2.3 (ajax_save_name.php) Remote Code Execution
No description provided by source. ?php / ------------------------------------------------------------------------ Wordpress Zingiri Web Shop Plugin = 2.2.3 Remote Code Execution Exploit ------------------------------------------------------------------------ author...............: Egidio Romano...
WordPress Zingiri 2.2.3 Code Execution
get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key = $POST'value'; 46. $sessionAction-set$selectedDocuments; 47. 48. 49. echo...
phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit
phpLDAPadmin = 1.2.1.1 queryengine Remote PHP Code Injection Exploit author...............: EgiX mail.................: n0b0d13satgmaildotcom software link........: http://phpldapadmin.sourceforge.net/ affected versions....: from 1.2.0 to 1.2.1.1 - vulnerable code in /lib/functions.php 1002...
Code injection
Static code injection vulnerability in install.php in e107 CMS 0.7.24 and probably earlier versions, when the installation script is not removed, allows remote attackers to inject arbitrary PHP code into e107config.php via a crafted MySQL server name...
CVE-2011-1513
The CVE-2011-1513 entry concerns e107 CMS prior to 0.7.24 where the installation script is not removed, enabling a remote attacker to inject PHP via a crafted MySQL server name and overwrite e107_config.php. Core Security’s advisory CORE-2011-0810 documents OS command injection with code executio...