Directory traversal

Multiple PHP remote file inclusion vulnerabilities in Brim formerly Booby 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter to template.tpl.php in 1 barrel/, 2 barry/, 3 mylook/, 4 oerdec/, 5 penguin/, 6 sidebar/, 7 slashdot/, and 8 text-only/ in...

CVE-2008-2638

Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php...

Code injection

Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php...

CVE-2008-2638

Static code injection vulnerability in guestbook.php in 1Book 1.0.1 and earlier allows remote attackers to upload arbitrary PHP code via the message parameter in an HTML webform, which is written to data.php...

Achievo <= 1.3.2 (fckeditor) Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ========================================================== Achievo array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to...

Achievo 1.3.2 - &#039;FCKeditor&#039; Arbitrary File Upload

array"zip","doc","xls","pdf","rtf","csv","jpg","gif","jpeg","png","avi","mpg","mpeg","swf","fla", with a default configuration of this script, an attacker might be able to upload arbitrary files containing malicious PHP code due to multiple file extensions isn't properly checked / errorreporting0...

SyntaxCMS &lt;= 1.3 (fckeditor) Arbitrary File Upload Exploit

No description provided by source. ?php / -------------------------------------------------------------- Syntax CMS = 1.3 fckeditor Arbitrary File Upload Exploit -------------------------------------------------------------- Gr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke == special THank...

SyntaxCMS <= 1.3 (fckeditor) Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ========================================================== SyntaxCMS special THanks to EgiX For the Exploit Code author...: Stack mail.....: Ev!L descr: if the web site change the name of path or path is /public/ you can delet /public/ in...

SyntaxCMS 1.3 - &#039;FCKeditor&#039; Arbitrary File Upload

special THanks to EgiX For the Exploit Code author...: Stack mail.....: Ev!L descr: if the web site change the name of path or path is /public/ you can delet /public/ in the exploit in the line : "POST $pathpublic/fckeditor/editor/filemanager/upload/php/upload.php - vulnerable code in...

syntaxcms-upload.txt

special THanks to EgiX For the Exploit Code author...: Stack mail.....: Ev!L descr: if the web site change the name of path or path is /public/ you can delet /public/ in the exploit in the line : "POST $pathpublic/fckeditor/editor/filemanager/upload/php/upload.php - vulnerable code in...

CVE-2008-2480

PHP remote file inclusion vulnerability in plus.php in plusPHP Short URL Multi-User Script 1.6 allows remote attackers to execute arbitrary PHP code via a URL in the pagesdir parameter...

CVE-2008-2345

Unspecified vulnerability in the airfilemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."...

CVE-2008-2345

Unspecified vulnerability in the airfilemanager 0.6.0 and earlier extension for TYPO3 allows remote attackers to execute arbitrary PHP code via unspecified vectors related to "insufficient file filtering."...

cPanel 11.21 - wwwact Privilege Escalation

cPanel 11.21 - wwwact Privilege Escalation source: https://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the...

cPanel 11.21 - &#039;wwwact&#039; Privilege Escalation

source: https://www.securityfocus.com/bid/29277/info cPanel is prone to a remote privilege-escalation vulnerability because of an unspecified error. Successfully exploiting this issue allows remote attackers to gain administrative privileges to the affected application and execute malicious PHP...

CVE-2008-2296

PHP remote file inclusion vulnerability in include/bbs.lib.inc.php in Rgboard 3.0.12 allows remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter...

CVE-2008-2284

PHP remote file inclusion vulnerability in fusebox5.php in Fusebox 5.5.1 allows remote attackers to execute arbitrary PHP code via a URL in the FUSEBOXAPPLICATIONPATH parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CMS Made Simple &lt;= 1.2.4 (FileManager module) File Upload Exploit

No description provided by source. ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX...

lanaicms-upload.txt

0 && !inarray $sExtension, $arAllowed || count$arDenied 0 && inarray $sExtension, $arDenied 63. SendResults '202' ; 64. 65. $sErrorNumber = '0'...

Remote file inclusion

PHP remote file inclusion vulnerability in example.php in Thomas Gossmann ScorpNews 2.0 allows remote attackers to execute arbitrary PHP code via a URL in the site parameter...