Subberz Lite - UserFunc Remote File Inclusion

Subberz Lite - UserFunc Remote File Inclusion source: https://www.securityfocus.com/bid/18990/info SubberZLite is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containi...

Subberz Lite - UserFunc Remote File Inclusion

source: https://www.securityfocus.com/bid/18990/info SubberZLite is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...

[SA21038] CzarNews "tpath" File Inclusion Vulnerability

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...

FlatNuke 2.5.7 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/18966/info FlatNuke is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP...

FlatNuke 2.5.7 - index.php Remote File Inclusion

FlatNuke 2.5.7 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/18966/info FlatNuke is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include...

CVE-2006-3536

Direct static code injection vulnerability in code/classdbtext.php in EJ3 TOPo 2.2.178 and earlier allows remote attackers to execute arbitrary PHP code via parameters such as 1 descripcion and 2 pais, which are stored directly in a PHP script. NOTE: the provenance of this information is unknown;...

SimpleBoard sbp Parameter Remote File Inclusion

Binary data 3684.prm...

Mambo phpBB Component download.php phpbb_root_path Parameter Remote File Inclusion

The remote host is running the phpBB component for Mambo, a web-based bulletin board. The version of the phpBB component for Mambo installed on the remote host fails to sanitize input to the 'phpbbrootpath' parameter of the 'download.php' and other scripts before using it to include PHP code...

Ottoman CMS 1.1.3 - ?default_path Remote File Inclusion (2)

Ottoman CMS 1.1.3 - ?defaultpath Remote File Inclusion 2 !/usr/bin/perl use IO::Socket; Jacek Wlodarczyk j4ck - jacekwloatgmaildotcom Title: Ottoman CMS \r\n"; print "-...

Ottoman CMS <= 1.1.3 (default_path) Remote File Inclusion Exploit

Exploit for unknown platform in category web applications ================================================================= Ottoman CMS = 1.1.3 defaultpath Remote File Inclusion Exploit ================================================================= !/usr/bin/perl use IO::Socket; Jacek Wlodarcz...

Ottoman CMS &lt;= 1.1.3 (default_path) Remote File Inclusion Exploit

No description provided by source. !/usr/bin/perl use IO::Socket; Jacek Wlodarczyk j4ck - jacekwloatgmaildotcom Title: Ottoman CMS = 1.1.3 Remote File Inclusion Exploit Application: Ottoman Content Management System Version: 1.1.3 and prior Url: http://www.lowter.com/p/ottoman Affected software...

Mambo Componen phpBB 1.2.4 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/18914/info phpBB for Mambo is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

Ottoman CMS 1.1.3 - &#039;?default_path=&#039; Remote File Inclusion (2)

!/usr/bin/perl use IO::Socket; Jacek Wlodarczyk j4ck - jacekwloatgmaildotcom Title: Ottoman CMS \r\n"; print "- - Victim's ta...

CVE-2006-3421

PHP remote file inclusion vulnerability in SmartSiteCMS 1.0 and earlier, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via the root parameter in 1 comment.php, 2 admin/comedit.php, 3 admin/test.php, 4 admin/index.php, and 5 admin/include/incadminfoot.php, ...

Extcalendar 2.0 - &#039;Extcalendar.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/18876/info ExtCalendar is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious P...

Extcalendar 2.0 - Extcalendar.php Remote File Inclusion

Extcalendar 2.0 - Extcalendar.php Remote File Inclusion source: https://www.securityfocus.com/bid/18876/info ExtCalendar is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue ...

CVE-2006-3374

PHP remote file inclusion vulnerability in index.php in Randshop 1.2 and earlier, including 0.9.3, allows remote attackers to execute arbitrary PHP code via a URL in the incl parameter...

CVE-2006-3395

PHP remote file inclusion vulnerability in top.php in SiteBuilder-FX 3.5 allows remote attackers to execute arbitrary PHP code via a URL in the admindir parameter...

CVE-2006-3375

PHP remote file inclusion vulnerability in includes/header.inc.php in Randshop 1.1.1 allows remote attackers to execute arbitrary PHP code via the dateiPfad parameter...

CVE-2006-3387

CVE-2006-3387 describes a directory traversal vulnerability in Fusion News 1.0. When register_globals is enabled, an attacker can manipulate the fil_config parameter in sources/post.php using a .. sequence to include arbitrary files. This can allow an attacker to execute PHP code that has been in...