7202 matches found
shopscript-exec.txt
?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo "--------------------------------------------------------\n"; echo "Shop-Script FREE = 2.0 Remote Command Executi...
Shop-Script FREE <= 2.0 Remote Command Execution Exploit
No description provided by source. ?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo "--------------------------------------------------------\n"; echo "Shop-Scrip...
Shop-Script FREE 2.0 - Remote Command Execution
Shop-Script FREE 2.0 - Remote Command Execution ?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo "--------------------------------------------------------\n"; ech...
Shop-Script FREE 2.0 - Remote Command Execution
?php Shop-Script FREE = 2.0 Remote Command Execution Exploit by InATeam tested on versions 1.2 and 2.0 works regardless magicquotesgpc=on Greetz: eXp, Kuzya, cxim, Russian, ENFIX echo "--------------------------------------------------------\n"; echo "Shop-Script FREE = 2.0 Remote Command Executi...
Mambo / Joomla! Multiple Components 'mosConfig_live_site' Parameter Remote File Include
A third-party component for Mambo or Joomla! is running on the remote host. At least one such component is affected by a remote file include vulnerability due to improper sanitization of user-supplied input to the 'mosConfiglivesite' parameter before using it to include PHP code. Provided the PHP...
CVE-2007-4886
Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote attackers to execute arbitrary PHP code via a 1 UNC share pathname, or a 2 ftp, 3 ftps, or 4 ssh2.sftp URL, in the pilih parameter, for which PHP remote file inclusion is blocked only for http URLs...
Design/Logic Flaw
Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote attackers to execute arbitrary PHP code via a 1 UNC share pathname, or a 2 ftp, 3 ftps, or 4 ssh2.sftp URL, in the pilih parameter, for which PHP remote file inclusion is blocked only for http URLs...
CVE-2007-4886
Incomplete blacklist vulnerability in index.php in AuraCMS 1.x and probably 2.x allows remote attackers to execute arbitrary PHP code via a 1 UNC share pathname, or a 2 ftp, 3 ftps, or 4 ssh2.sftp URL, in the pilih parameter, for which PHP remote file inclusion is blocked only for http URLs...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha allow remote attackers to execute arbitrary PHP code via a URL in the Codebase parameter to 1 channeledit.php, 2 post.php, 3 view.php, or 4 viewitem.php in source/mod/rss/...
Unrestricted file upload
Unrestricted file upload vulnerability in the Restaurante comrestaurante component for Joomla! allows remote attackers to upload and execute arbitrary PHP code via an upload action specifying a filename with a double extension such as .php.jpg, which creates an accessible file under imgoriginal/...
CVE-2007-4817
Unrestricted file upload vulnerability in the Restaurante comrestaurante component for Joomla! allows remote attackers to upload and execute arbitrary PHP code via an upload action specifying a filename with a double extension such as .php.jpg, which creates an accessible file under imgoriginal/...
SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion
Nyubicrew Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: [email protected] Website : www.solpotcrew.org/adv/homeedition2001-adv-02.txt Greetz:...
Claroline inc/lib/language.lib.php language Parameter Traversal Local File Inclusion
The version of Claroline installed on the remote host fails to sanitize user-supplied input to the 'language' parameter before using it to include PHP code in the 'loadtranslation' method in 'claroline/inc/lib/language.lib.php'. Regardless of PHP's 'registerglobals' setting, an unauthenticated,...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library STPHPLibrary 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 dbconf or 2 ADODBDIR parameter to utils/stphpimageshow.php; or a URL in the STPHPLIBDIR parameter to 3 stphpbutton.php, 4...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in SpeedTech PHP Library STPHPLibrary 0.8.0 allow remote attackers to execute arbitrary PHP code via a URL in the STPHPLIBDIR parameter to 1 stphpapplication.php, 2 stphpbtnimage.php, or 3 stphpform.php...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Weblogicnet allow remote attackers to execute arbitrary PHP code via a URL in the filesdir parameter in 1 esdesp.php, 2 escustommenu.php, and 3 esoffer.php...
home_edition2001-adv-02.txt.txt
Nyubicrew Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: [email protected] Website : www.solpotcrew.org/adv/homeedition2001-adv-02.txt Greetz:...
SolpotCrew Advisory #15 (home_edition2001) - Weblogicnet (files_dir) Remote File Inclusion
Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: bius22 at mac dot com email concealed Website :...
Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities
No description provided by source. Nyubicrew Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: [email protected] Website :...
Weblogicnet (files_dir) Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ====================================================================== Weblogicnet filesdir Multiple Remote File Inclusion Vulnerabilities ====================================================================== Nyubicrew Community Weblogicn...