7206 matches found
DrBenHur.com DBHcms 1.1.4 - 'dbhcms_core_dir' Parameter Remote File Include Vulnerability
DrBenHur.com DBHcms 1.1.4 'dbhcms_core_dir' Parameter Remote File Include Vulnerability. Webapps exploit for php platform source: http://www.securityfocus.com/bid/37498/info DrBenHur.com DBHcms is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input...
MvMmall vulnerability analysis-vulnerability warning-the black bar safety net
Author: Sobiny Through the analysis. This program session in the recording mode by include/session.class.php file. This file mvmsession class 0 1. function handler 0 2. sessionmodulename’user’; 0 3. sessionsetsavehandler 0 4. array’mvmsession’, ’open’, 0 5...
mypage 0.4 - Local File Inclusion
mypage 0.4 - Local File Inclusion mypage0.4 LFI Vulnerability Author: BAYBORA Site: www.1923turk.biz Exploit: Vuln file: index.php?page=LFI Exploit: POST http://server/index.php?page=../../../../../../../../etc/passwd index.php if(isset($_GET['page'])) ... $inhalt=$inhaltsordner."/".$_GET['page'];...
Piwik Open Flash Chart Remote Code Execution Vulnerability
Exploit for unknown platform in category web applications ========================================================== Piwik Open Flash Chart Remote Code Execution Vulnerability ========================================================== Class: Input Validation Error CVE: Remote: Yes Local: No...
Piwik Open Flash Chart Remote Code Execution Vulnerability
No description provided by source. Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 0.4.3 Piwik Piwik 0.4.2 Piwik Piwik 0.4.1 Piwik Piwik 0.4 Piwik Piwik 0.2.37 Piw...
Piwik Open Flash Chart - Remote Code Execution
Bugtraq ID: 37314 Class: Input Validation Error CVE: Remote: Yes Local: No Published: Dec 14 2009 12:00AM Updated: Dec 17 2009 06:03PM Credit: Braeden Thomas Vulnerable: Piwik Piwik 0.4.3 Piwik Piwik 0.4.2 Piwik Piwik 0.4.1 Piwik Piwik 0.4 Piwik Piwik 0.2.37 Piwik Piwik 0.2.36 Piwik Piwik 0.2.35...
OSSIM v2.1.5 Arbitrary File Upload
No description provided by source. Advisory Name: Arbitrary File Upload in OSSIM Vulnerability Class: Arbitrary File Upload Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity:...
OSSIM 2.1.5 - Arbitrary File Upload
OSSIM 2.1.5 - Arbitrary File Upload Advisory Name: Arbitrary File Upload in OSSIM Vulnerability Class: Arbitrary File Upload Release Date: 12-16-2009 Affected Applications: Confirmed in OSSIM 2.1.5. Other versions may also be affected. Affected Platforms: Multiple Local / Remote: Remote Severity:...
CVE-2009-4315
Directory traversal vulnerability in admin/ajaxsave.php in Nuggetz CMS 1.0, when magic_quotes_gpc is disabled, allows remote attackers to create or modify arbitrary files via a .. (dot dot) in the nugget parameter and a modified pagevalue parameter, as demonstrated by creating and accessing a .php fi...
CVE-2009-4264
PHP remote file inclusion vulnerability in components/core/connect.php in AROUNDMe 1.1 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the languagepath parameter...
piwik -- php code execution
secunia reports: Stefan Esser has reported a vulnerability in Piwik, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the core/Cookie.php script using "unserialize" with user controlled input. This can be exploited to e.g. execute...
Piwik < 0.5 unserialize() PHP Code Execution Vulnerability
Binary data 5263.prm...
Advisory 03/2009: Piwik Cookie unserialize() Vulnerability
SektionEins GmbH www.sektioneins.de -= Security Advisory =- Advisory: Piwik Cookie Unserialize Vulnerability Release Date: 2009/12/09 Last Modified: 2009/12/09 Author: Stefan Esser stefan.esseratsektioneins.de Application: Piwik = 0.4.5 Severity: Piwik unserializes user input which allows an...
CVE-2009-4223
PHP remote file inclusion vulnerability in adm/krgourl.php in KR-Web 1.1b2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENTROOT parameter...
Achievo 1.4.2 Shell Upload
Affected Applications: Confirmed in Achievo 1.4.2. Other versions may also be affected. Severity: Medium – CVSS: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Vendor Status: New release available Achievo 1.4.3 Reference to Vulnerability Disclosure Policy:...
Achievo 1.4.2 Arbitrary File Upload
No description provided by source. Affected Applications: Confirmed in Achievo 1.4.2. Other versions may also be affected. Severity: Medium – CVSS: 6.8 AV:L/AC:L/Au:S/C:C/I:C/A:C Vendor Status: New release available Achievo 1.4.3 Reference to Vulnerability Disclosure Policy:...
Achievo 1.4.2 Arbitrary File Upload
Exploit for unknown platform in category web applications =================================== Achievo 1.4.2 Arbitrary File Upload =================================== Affected Applications: Confirmed in Achievo 1.4.2. Other versions may also be affected. Severity: Medium – CVSS: 6.8...
Simple Machines Forum Multiple Security Vulnerabilities
Exploit for unknown platform in category web applications ======================================================= Simple Machines Forum Multiple Security Vulnerabilities ======================================================= Simple Machines Forum is prone to multiple security vulnerabilities: - ...
Simple Machines Forum (SMF) 1.1.102.0 RC2 - Multiple Vulnerabilities
Simple Machines Forum SMF 1.1.102.0 RC2 - Multiple Vulnerabilities Simple Machines Forum is prone to multiple security vulnerabilities: - A remote PHP code-execution vulnerability - Multiple cross-site scripting vulnerabilities - Multiple cross-site request-forgery vulnerabilities - An...