Libra PHP File Manager 1.18/2.0 - Local File Inclusion

!/usr/bin/perl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Libra PHP File Manager eNYe-Sec - www.enye-sec.org Greetings to Ka0x for help me with the perl code : You can scale directories and read any file that you have permissions use LWP::UserAgent; $ua =...

Libra PHP File Manager 1.182.0 - Local File Inclusion

Libra PHP File Manager 1.182.0 - Local File Inclusion ! /usr/bin/perl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Libra PHP File Manager eNYe-Sec - www.enye-sec.org Greetings to Ka0x for help me with the perl code : You can scale directories and read any file that you have...

Libra PHP File Manager <= 1.18/2.0 Local File Inclusion Exploit

Exploit for unknown platform in category web applications =============================================================== Libra PHP File Manager eNYe-Sec - www.enye-sec.org Greetings to Ka0x for help me with the perl code : You can scale directories and read any file that you have permissions use...

libra-lfi.txt

! /usr/bin/perl -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Libra PHP File Manager eNYe-Sec - www.enye-sec.org Greetings to Ka0x for help me with the perl code : You can scale directories and read any file that you have permissions use LWP::UserAgent; $ua =...

z-breaknews 2.0 (single.php) Remote SQL Injection Vulnerability

No description provided by source. z Name : z-breaknews 2.0 single.php Remote SQL Injection Vulnerability Author : cOndemned Dark-Coders Greetz : Avantura, str0ke, ZaBeaTy, t0pP8uZz, 0in, suN8Hclf & All of my friends source of single.php : ... 4. @mysqlselectdb"$dbName"or die" ěó áňü áó íí "; 5...

Design/Logic Flaw

Unspecified vulnerability in mask PHP File Manager mPFM before 2.3 has unknown impact and remote attack vectors related to "manipulation of cookies."...

CVE-2008-3504

Unspecified vulnerability in mask PHP File Manager mPFM before 2.3 has unknown impact and remote attack vectors related to "manipulation of cookies."...

CVE-2008-3504

Unspecified vulnerability in mask PHP File Manager mPFM before 2.3 has unknown impact and remote attack vectors related to "manipulation of cookies."...

Design/Logic Flaw

webinc/bxe/scripts/loadsave.php in Flux CMS 1.5.0 and earlier allows remote attackers to execute arbitrary code by overwriting a PHP file in webinc/bxe/scripts/ via a filename in the XML parameter and PHP sequences in the request body, then making a direct request for this filename...

cmsscratch-traverse.txt

------------------------------------------------------------------------ CMS from Scratch special THanks to EgiX For founded it :d: Exploit : http://localhost/path/cms/images.php?dir=c: Example : http://localhost/path/cms/images.php?dir=c:WINDOWS/system32/ Exploit 2 : and you can upload php file ...

CVE-2008-1988

Unrestricted file upload vulnerability in the fileupload function in core/misc.class.php in EncapsGallery 2.0.2 allows remote authenticated administrators to upload and execute arbitrary PHP files by uploading a file with an executable extension, then accessing it via a direct request to the file...

Joomla 1.0.13 - 1.0.14 / &#40;remote&#41; PHP file inclusion possible if old configuration.php

Affects: Joomla 1.0.13 - 1.0.14 Vulnerability: remote PHP file inclusion possible if old configuration.php Date: 14-feb-2008 Introduction: Remote PHP file inclusion is possible when RGEMULATION is not defined in configuration.php. This is typical when upgrading from an older version, leaving...

Joomla 1.0.13 - 1.0.14 / &#40;remote&#41; PHP file inclusion possible if old configuration.php

Affects: Joomla 1.0.13 - 1.0.14 Vulnerability: remote PHP file inclusion possible if old configuration.php Date: 14-feb-2008 Introduction: Remote PHP file inclusion is possible when RGEMULATION is not defined in configuration.php. This is typical when upgrading from an older version, leaving...

Liquid-Silver CMS 0.1 - &#039;update&#039; Local File Inclusion

Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of file exploit : /Script/update/index.php?update=/nam...

CVE-2007-6668

admin/uploadgames.php in MySpace Content Zone MCZ 3.x does not require administrative privileges, which allows remote attackers to perform unrestricted file uploads, as demonstrated by uploading 1 a .php file and 2 a .php%00.jpeg file...

Directory traversal

Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote attackers to read arbitrary files via a .. dot dot in the file parameter in a download action, as demonstrated by a certain PHP file containing database credentials...

CVE-2007-6185

Directory traversal vulnerability in users/files.php in Eurologon CMS allows remote attackers to read arbitrary files via a .. dot dot in the file parameter in a download action, as demonstrated by a certain PHP file containing database credentials...

PHP File Sharing System Index.PHP目录遍历漏洞

PHP File Sharing System是一款基于PHP的WEB应用程序。 PHP File Sharing System不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是由于'index.php'脚本对用户提交的WEB参数缺少过滤，提交包含"../"字符作为参数数据，可绕过WEB ROOT限制，以WEB权限查看系统文件内容。 PHP File Sharing System 1.5.1 目前没有详细解决方案提供： http://sourceforge.net/projects/phpfilesadmin/...

phpfss-traverse.txt

PHP File Sharing System - Directory traversal +--------------------------------------------+ Author: Jonas Thambert Date: 2007-10-13 URL: http://sourceforge.net/projects/phpfilesadmin/ Vendor Notified. Version: 1.5.1 latest - Description - PHP File Sharing System is vulnerable to directory...

[Full-disclosure] PHP File Sharing System 1.5.1

PHP File Sharing System - Directory traversal +--------------------------------------------+ Author: Jonas Thambert Date: 2007-10-13 URL: http://sourceforge.net/projects/phpfilesadmin/ Vendor Notified. Version: 1.5.1 latest - Description - PHP File Sharing System is vulnerable to directory...