7206 matches found

securityvulns
added 2010/12/06 12:0 a.m. | 40 views

[eVuln.com] PHP Code Execution in Alguest

New eVuln Advisory: PHP Code Execution in Alguest Summary: http://evuln.com/vulns/153/summary.html Details: http://evuln.com/vulns/153/description.html -----------Summary----------- eVuln ID: EV0153 Software: Alguest Vendor: n/a Version: 1.1c-patched Critical Level: high Type: PHP Code Execution...

AI score 0.5
Exploits 0

OpenVAS
added 2010/12/06 12:0 a.m. | 21 views

Pulse CMS Basic Local File Include Vulnerability

Pulse CMS Basic is prone to a local file-include vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:pulsecms:pulsecms...

CVSS 6.8 | AI score 6.1 | EPSS 0.07265
Exploits 6 | References 2

Packet Storm
added 2010/12/03 12:0 a.m. | 20 views

Alguest 1.1c-patched Code Execution

New eVuln Advisory: PHP Code Execution in Alguest Summary: http://evuln.com/vulns/153/summary.html Details: http://evuln.com/vulns/153/description.html -----------Summary----------- eVuln ID: EV0153 Software: Alguest Vendor: n/a Version: 1.1c-patched Critical Level: high Type: PHP Code Execution...

AI score 7.4
Exploits 0

Cvelist
added 2010/12/02 5:0 p.m. | 20 views

CVE-2010-4281

Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows remote attackers to execute arbitrary PHP code by using a page parameter containing a UNC share pathname, which bypasses the check for the : (colon) character...

AI score 7.4 | EPSS 0.03944
Exploits 6 | References 7

CVE
added 2010/12/02 5:0 p.m. | 57 views

CVE-2010-4281

CVE-2010-4281 describes an incomplete blacklist vulnerability in Pandora FMS prior to 3.1.1. The issue lies in the safe_url_extraclean function used by ajax.php (parameter page); it filters the colon character but fails to prevent UNC paths, allowing an attacker to reference remote resources (e.g...

CVSS 7.5 | AI score 7.6 | EPSS 0.03944
Exploits 6 | References 7 | Affected Software 1

0day.today
added 2010/12/02 12:0 a.m. | 33 views

Digitalus 1.10.0 Alpha2 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications. Digitalus 1.10.0 Alpha2 Arbitrary File Upload Vulnerability. Script: Digitalus; Version: 1.10.0 Alpha2; vendor:...

AI score 7.1
Exploits 0

OpenVAS
added 2010/12/01 12:0 a.m. | 38 views

Pandora FMS Authentication Bypass And Multiple Input Validation Vulnerabilities

Pandora FMS is prone to an authentication-bypass vulnerability as well as the following input-validation vulnerabilities: 1. A command-injection vulnerability 2. Multiple SQL-injection vulnerabilities 3. A remote file-include vulnerability 4. An arbitrary PHP-code-execution vulnerability 5...

CVSS 10 | AI score 0.6 | EPSS 0.81755
Exploits 26 | References 3

OpenVAS
added 2010/12/01 12:0 a.m. | 38 views

Pandora FMS <= 3.1 Multiple Input Validation Vulnerabilities - Active Check

Pandora FMS is prone to an authentication bypass vulnerability as well as the following input-validation vulnerabilities: - A command injection vulnerability - Multiple SQL injection (SQLi) vulnerabilities - A remote file include (RFI) vulnerability - An arbitrary PHP code execution vulnerability -...

AI score 8.2
Exploits 0 | References 3

Tenable Nessus
added 2010/11/29 12:0 a.m. | 29 views

RSForm! Component for Joomla! 'lang' Parameter Local File Include

The version of the RSForm! component for Joomla! running on the remote host is affected by a local file include vulnerability due to improper sanitization of user-supplied input to the 'lang' parameter before using it in the forme.php script to include PHP code. An unauthenticated, remote attacke...

AI score 6.1
Exploits 0 | References 1

Tenable Nessus
added 2010/11/29 12:0 a.m. | 71 views

vtiger CRM phprint.php lang_crm Parameter Local File Inclusion

The version of vtiger CRM installed on the remote host does not sanitize user input to the 'lang_crm' parameter of the 'phprint.php' script before using it to include PHP code. An unauthenticated, remote attacker may be able to leverage this issue to view arbitrary files or possibly execute...

CVSS 6.8 | AI score 6.3 | EPSS 0.01738
Exploits 3 | References 3

myhack58
added 2010/11/07 12:0 a.m. | 103 views

MetInfo 3.0 PHP code injection vulnerability(getshell)-vulnerability warning-the black bar safety net

Official website: http://www.metinfo.cn/ Keyword:"Powered by MetInfo 3.0" Description: In the file/include/common. inc. php 6 line 7: evalbase64decode$allclass0; $allclass0 variable is not initialized, so we can control its value, the code injection use. POC: the...

AI score 0.2
Exploits 0

OpenVAS
added 2010/11/05 12:0 a.m. | 18 views

JAF CMS Multiple Remote File Include and Remote Shell Command Execution Vulnerabilities

JAF CMS is prone to a shell-command-execution vulnerability and multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit the remote shell-command-execution issue to execute arbitrary shell commands in the context...

AI score 0.5
Exploits 0 | References 6

0day.today
added 2010/10/29 12:0 a.m. | 16 views

RoSPORA <= 1.5.0 Remote PHP Code Injection

Exploit for php platform in category web applications ========================================== RoSPORA '; 671. $link=$SERVER'PHPSELF'."?f=".$flag."&s="; 672. 673. if !empty$plarray 674. 675. usort$plarray, createfunction'$a, $b', 'if $a'.$sort.' == $b'.$sort.' return 0; if $a'.$sort.'...

AI score 7.1
Exploits 0

Exploit DB
added 2010/10/28 12:0 a.m. | 30 views

RoSPORA 1.5.0 - Remote PHP Code Injection

'; 671. $link=$SERVER'PHPSELF'."?f=".$flag."&s="; 672. 673. if !empty$plarray 674. 675. usort$plarray, createfunction'$a, $b', 'if $a'.$sort.' == $b'.$sort.' return 0; if $a'.$sort.' '.$sorttype.' $b'.$sort.' return -1; return 1;'; 676. Input parameter passed through $GET's' isn't properly...

AI score 7.4
Exploits 0

exploitpack
added 2010/10/28 12:0 a.m. | 10 views

RoSPORA 1.5.0 - Remote PHP Code Injection

RoSPORA 1.5.0 - Remote PHP Code Injection '; 671. $link=$SERVER'PHPSELF'."?f=".$flag."&s="; 672. 673. if !empty$plarray 674. 675. usort$plarray, createfunction'$a, $b', 'if $a'.$sort.' == $b'.$sort.' return 0; if $a'.$sort.' '.$sorttype.' $b'.$sort.' return -1; return 1;'; 676. Input parameter...

AI score 0.3
Exploits 0

myhack58
added 2010/10/14 12:0 a.m. | 23 views

Joomla! JomSocial component arbitrary file upload vulnerability and fix-vulnerability warning-the black bar safety net

Affected version: JomSocial 1.8.9. Vulnerability description: Joomla! is an open source content management system (CMS). The Joomla! JomSocial component has a design flaw in its implementation; a remote attacker could exploit this vulnerability to upload arbitrary files...

AI score 2.3
Exploits 0

0day.today
added 2010/10/08 12:0 a.m. | 35 views

Webboard (topic_id=) SQL Injection Vulnerability

Exploit for php platform in category web applications. Webboard (topic_id=) SQL Injection Vulnerability...

AI score 7.1
Exploits 0

Prion
added 2010/10/05 6:0 p.m. | 13 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4) menuleft, or (5) menuright parameter...

CVSS 7.5 | AI score 7.8 | EPSS 0.00993
Exploits 4 | References 4 | Affected Software 1

OpenVAS
added 2010/09/21 12:0 a.m. | 13 views

Multi-lingual E-Commerce System 0.2 Multiple Vulnerabilities - Active Check

Multi-lingual E-Commerce System is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 6.7 | EPSS 0.0094
Exploits 1 | References 2

myhack58
added 2010/09/18 12:0 a.m. | 40 views

PHP168 V6. 0 2 getshell 0day-vulnerability warning-the black bar safety net

First register a member,after landing on the address bar submit: http://v6.php168.com/member/post.php?only=1&showHtmlTypebencandy1=$phpinfo&aid=1&job=endHTML You can see the implementation of the phpinfo...

AI score 0.3
Exploits 0