Artmedic Links 5.0 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/20064/info The 'artmedic links' application is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver...

Hitweb 3.0 - REP_CLASS Multiple Remote File Inclusions

Hitweb 3.0 - REPCLASS Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/20060/info Hitweb is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote...

Artmedic Links 5.0 - index.php Remote File Inclusion

Artmedic Links 5.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/20064/info The 'artmedic links' application is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to have...

CVE-2006-4826

PHP remote file inclusion vulnerability in bottom.php in Shadowed Portal 5.599 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the root parameter...

CVE-2006-4827

Multiple PHP remote file inclusion vulnerabilities in Vmist Downstat 1.8 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the art parameter to 1 admin.php, 2 chart.php, 3 modes.php, or 4 stats.php...

Limbo CMS 1.0.4.2L - com_contact Remote Code Execution

Limbo CMS 1.0.4.2L - comcontact Remote Code Execution !/usr/bin/php -q -d shortopentag=on ? printr' ----------------------------------------------------------------------------- Limbo = 1.0.4.2L "comcontact" remote commands execution exploit by rgod [email protected] site:...

Limbo CMS <= 1.0.4.2L (com_contact) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? printr' ----------------------------------------------------------------------------- Limbo = 1.0.4.2L "comcontact" remote commands execution exploit by rgod [email protected] site: http://retrogod.altervista.org dorks:...

CVE-2006-4437

Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via the query string in 1 tags.php, 2 sign.php, and 3 admin/index.php...

CVE-2006-4437

The provided documents confirm CVE-2006-4437 in Tagger LE: an eval() injection vulnerability that allows remote attackers to execute arbitrary PHP code via crafted query string parameters in tags.php, sign.php, and admin/index.php. The root cause is unsanitised input being used directly inside an...

CVE-2006-4437

Eval injection vulnerability in Tagger LE allows remote attackers to execute arbitrary PHP code via the query string in 1 tags.php, 2 sign.php, and 3 admin/index.php...

CVE-2006-4780

PHP remote file inclusion vulnerability in includes/functions.php in phpBB XS 0.58 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the phpbbrootpath parameter...

phpQuiz 0.1 (pagename) Remote File Include Vulnerability

No description provided by source. SolpotCrew Community phpQuiz v0.01 design and coding byJule Slootbeek pagename Remote File Inclusion Download file : http://www.furor-normannicus.de/phpQuiz/download/phpQuiz.zip Bug Found By :Solpot a.k.a k. Hasibuan 14-09-2006 contact: [email protected]...

phpQuiz v0.01 design and coding byJule Slootbeek (pagename) Remote File Inclusion

SolpotCrew Community phpQuiz v0.01 design and coding byJule Slootbeek pagename Remote File Inclusion Download file : http://www.furor-normannicus.de/phpQuiz/download/phpQuiz.zip Bug Found By :Solpot a.k.a k. Hasibuan 14-09-2006 contact: [email protected] Website :...

CVE-2006-4770

PHP remote file inclusion vulnerability in menu.php in MiniPort@l 2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the skiny parameter...

CVE-2006-4733

PHP remote file inclusion vulnerability in sipssys/code/box.inc.php in Haakon Nilsen simple, integrated publishing system SIPS 0.3.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the configsipssys parameter. NOTE: the product's documentation recommends placing the...

solpot-adv-06.txt

SolpotCrew Community Mcgallerypro pathtofolder Remote File Inclusion Download file : http://phpforums.net/mcgp/mcgp.zip/mcgp.zip Bug Found By :Solpot a.k.a k. Hasibuan 10-09-2006 contact: [email protected] Website : http://www.nyubicrew.org/adv/solpot-adv-06.txt Greetz: choi , h4ntu ,...

CVE-2006-4721

Directory traversal vulnerability in admin.php in CCleague Pro Sports CMS 1.0.1 RC1 allows remote attackers to read and execute arbitrary local files via a .. dot dot sequence and trailing null %00 byte in the language Cookie parameter, as demonstrated by executing PHP code via a log file...

CVE-2006-4722

PHP remote file inclusion vulnerability in Open Bulletin Board OpenBB 1.0.8 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to 1 index.php and possibly 2 collector.php...

CVE-2006-4714

PHP remote file inclusion vulnerability in index.php in SpoonLabs Vivvo Article Management CMS aka phpWordPress 3.2 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the classifiedpath parameter...

phpbb -- NULL byte injection vulnerability

Secunia reports: ShAnKaR has discovered a vulnerability in phpBB, which can be exploited by malicious users to compromise a vulnerable system. Input passed to the "avatarpath" parameter in admin/adminboard.php is not properly sanitised before being used as a configuration variable to store avatar...