phpLDAPadmin orderby Parameter Arbitrary PHP Code Execution
The version of phpLDAPadmin installed on the remote host does not sanitize input to the 'orderby' parameter of the 'cmd.php' script when 'cmd' is set to 'query_engine' before using it in a call to 'create_function'. An unauthenticated, remote attacker can leverage this issue to execute arbitrary PH...
Code injection
The masort function in lib/functions.php in phpLDAPadmin 1.2.x before 1.2.2 allows remote attackers to execute arbitrary PHP code via the orderby parameter (aka sortby variable) in a query_engine action to cmd.php, as exploited in the wild in October 2011...
phpAlbum Multiple Security Vulnerabilities
phpAlbum is prone to an arbitrary-file-download vulnerability, multiple cross-site scripting vulnerabilities, and multiple PHP code-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these issues to execute arbitrary script code in the...
PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities
PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities. Exploit Title: PHP Photo Album <= 0.4.1.16...
PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities
PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities. Exploit Title: PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities. Google Dork:...
PHP Photo Album 0.4.1.16 Cross Site Scripting / Disclosure
---------------------------------------------------------------- PHP Photo Album Poc 2 http://localhost/phpAlbum/main.php?cmd=albumnew&keyword=XSS Demo :http://www.iloveazucar.com/phpAlbum/main.php?cmd=albumnew&keyword="onmouseover%3dprompt975554 bad%3d" Demo :http://www.dolfpretorius.com/main.ph...
PHP Photo Album <= (0.4.1.16) Multiple Disclosure Vulnerabilities
Exploit for php platform in category web applications. PHP Photo Album <= 0.4.1.16 Multiple Disclosure Vulnerabilities. Exploit Title: PHP Photo Album <= 0.4.1.16 Multiple...
Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection
Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection. author: EgiX; mail: n0b0d13s at gmail dot com; software link:...
FreeBSD : phpLDAPadmin -- Remote PHP code injection vulnerability (edf47177-fe3f-11e0-a207-0014a5e3cda6)
EgiX (n0b0d13s at gmail dot com) reports: The $sortby parameter passed to 'masort' function in file lib/functions.php isn't properly sanitized before being used in a call to create_function() at line 1080. This can be exploited to inject and execute arbitrary PHP code. The only possible attack vector...
phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1)
phpLDAPadmin 1.2.1.1 - Remote PHP Code Injection (1) <?php /* phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit. author:...
phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection
Exploit for php platform in category web applications <?php /* phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit. author...
Joomla NoNumber! Extension Manager Plugin Local File Include and PHP code Injection Vulnerabilities
NoNumber! Extension Manager is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and include and execute arbitrary files from the vulnerable system in the context of the...
MODx < 2.0.3-pl class_key Parameter Local File Inclusion
The version of MODx installed on the remote host fails to sanitize user-supplied input to the 'class_key' parameter of the 'manager/controllers/default/resource/tvs.php' script before using it to include PHP code. Using a specially crafted request, a remote, unauthenticated attacker may be able to...
Joomla NoNumber! Extension Manager Plugin LFI and PHP Code Injection Vulnerabilities (Nov 2011) - Active Check
NoNumber! Extension Manager is prone to multiple input validation vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and include and execute arbitrary files from the vulnerable system in the context of the...
Dolphin 7.0.7 - member_menu_queries.php Remote PHP Code Injection
Dolphin 7.0.7 - member_menu_queries.php Remote PHP Code Injection <?php /* Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection Exploit...
Dolphin 7.0.7 PHP Code Injection
$aItems 8...
Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection
Exploit for php platform in category web applications <?php /* Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection Exploit...
5w five-dimensional Site Navigation v8.0 vulnerabilities and fixes - vulnerability warning - the black bar safety net
// upload\i\index.php <?php // (omitted) $controller = !empty($_GET['c']) ? $_GET['c'] : 'index'; $action = !empty($_GET['a']) ? $_GET['a'] : 'index'; // automatic login from the cookie and URI determination if (isset($_COOKIE['cUser']) && $_COOKIE['cUser']['userID'] != 0) $userID = GetCUserID(); $domain = GetCUserDomain(); $sql...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to execute arbitrary PHP code via a URL in the classpath parameter to (1) file.php or (2) comdel.php...