Light Blog Remote - Multiple Vulnerabilities

Light Blog Remote - Multiple Vulnerabilities !/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n\r\n"; if $argc Related: Title Post\r\n"; echo " |- Es: php ".$argv0." localhost /blog/ 1 Hacked I Got You\r\n\r\n"; echo " 2 - Deface Blog With...

CVE-2006-5548

PHP remote file inclusion vulnerability in OTSCMS/OTSCMS.php in Open Tibia Server Content Management System OTSCMS 2.0.0 through 2.1.3 allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSconfigdirectoriesclasses parameter...

CVE-2006-5554

Directory traversal vulnerability in index.php in Imageview 5 allows remote attackers to read or execute arbitrary local files via a .. dot dot in the usersettings cookie, as demonstrated by using the MyFile parameter in albumview.php to upload a text/plain .gif file containing PHP code, which is...

CVE-2006-5554

Directory traversal vulnerability in index.php in Imageview 5 allows remote attackers to read or execute arbitrary local files via a .. dot dot in the usersettings cookie, as demonstrated by using the MyFile parameter in albumview.php to upload a text/plain .gif file containing PHP code, which is...

CVE-2006-5549

PHP remote file inclusion vulnerability in libraries/amfphp/amf-core/custom/CachedGateway.php in Adobe PHP SDK allows remote attackers to execute arbitrary PHP code via the AMFPHPBASE parameter. NOTE: this issue has been disputed by a third-party researcher who states that AMFPHPBASE is a constan...

PHPLeague 0.81 - consultminiseul.php?cheminmini Remote File Inclusion

PHPLeague 0.81 - consultminiseul.php?cheminmini Remote File Inclusion source: https://www.securityfocus.com/bid/20756/info Php League is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include...

TextPattern <= 1.19 (publish.php) Remote File Inclusion Vulnerability

No description provided by source. ----------------------------------------------------------------------------br / TextPattern =g1.19 txpcfgtxpath Remote File Inclusion Vulnerabilitybr / ----------------------------------------------------------------------------br / br / Author : Zeni Susanto...

CVE-2006-5510

Directory traversal vulnerability in explorerloadlang.php in PH Pexplorer 0.24 allows remote attackers to include arbitrary local files via ".." sequences in the Language cookie, as demonstrated by uploading a .gif file that contains PHP code...

EUVD-2006-5495

Directory traversal vulnerability in explorerloadlang.php in PH Pexplorer 0.24 allows remote attackers to include arbitrary local files via ".." sequences in the Language cookie, as demonstrated by uploading a .gif file that contains PHP code...

CVE-2006-5509

Eval injection vulnerability in addentry.php in WoltLab Burning Book 1.1.2 allows remote attackers to execute arbitrary PHP code via crafted POST requests that store PHP code in a database that is later processed by eval, as demonstrated using SQL injection via the n parameter...

CVE-2006-5510

Directory traversal vulnerability in explorerloadlang.php in PH Pexplorer 0.24 allows remote attackers to include arbitrary local files via ".." sequences in the Language cookie, as demonstrated by uploading a .gif file that contains PHP code...

CVE-2006-5497

PHP remote file inclusion vulnerability in themes/program/themesettings.inc.php in Segue CMS 1.5.8 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the themesdir parameter...

ArticleBeach Script <= 2.0 (index.php) Remote File Inclusion Vulnerability

No description provided by source. ------------------------------------------------------------------------------ ArticleBeach Script = 2.0 page Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni Susanto a.k.a Bithedz...

MCGalleryPRO random2.php远程文件包含漏洞

mcGalleryPRO是一款图片收藏管理程序。 mcGalleryPRO的random2.php文件没有正确过滤对pathtofolder参数的输入，允许攻击者通过包含本地或外部资源的任意文件执行PHP代码。 random2.php中有漏洞的代码如下： if !empty$SERVER extract$SERVER, EXTROVERWRITE; if !empty$GET extract$GET, EXTROVERWRITE; if !empty$POST extract$POST, EXTROVERWRITE; if !empty$COOKIE extract$COOKIE,...

ArticleBeach Script 2.0 - index.php Remote File Inclusion

ArticleBeach Script 2.0 - index.php Remote File Inclusion ------------------------------------------------------------------------------ ArticleBeach Script = 2.0 page Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni...

TextPattern 1.19 - 'publish.php' Remote File Inclusion

---------------------------------------------------------------------------- TextPattern =g1.19 txpcfgtxpath Remote File Inclusion Vulnerability ---------------------------------------------------------------------------- Author : Zeni Susanto A.K.A Bithedz Date Found : October, 25th 2006 Locatio...

ArticleBeach Script 2.0 - 'index.php' Remote File Inclusion

------------------------------------------------------------------------------ ArticleBeach Script = 2.0 page Remote File Inclusion Vulnerability ------------------------------------------------------------------------------ Author : Zeni Susanto a.k.a Bithedz Date Found : October, 22th 2006...

CVE-2006-5473

PHP remote file inclusion vulnerability in Description.php in Softerra PHP Developer Library 1.5.3 and earlier allows remote attackers to execute arbitrary PHP code via the libdir parameter. NOTE: this issue is disputed by CVE as of 20061023, since there is no Description.php file included in the...

CVE-2006-5480

PHP remote file inclusion vulnerability in lib/rs.php in 2le.net Castor PHP Web Builder 1.1.1 allows remote attackers to execute arbitrary PHP code via the rootpath parameter...

JaxUltraBB 2.0 - Command Execution

JaxUltraBB 2.0 - Command Execution !/usr/bin/php -q -d shortopentag=on \r\n"; echo "Thanks to rgod for the php code and Marty for the Love\r\n"; echo "You need a valid Username and Password to get it working\r\n\r\n"; echo "This exploit will try to create a piggymarty.php backdoor on the...