PHP rfc1867.c $_FILES Array Crafted MIME Header Arbitrary File Upload
The remote host is running a version of PHP that is older than 4.3.9 or 5.0.2. The remote version of this software is affected by an unspecified file upload vulnerability that could allow a local attacker to upload arbitrary files to the server. This flaw can only be exploited locally...
GLSA-200406-09 : Horde-Chora: Remote code execution
The remote host is affected by the vulnerability described in GLSA-200406-09 Horde-Chora: Remote code execution A vulnerability in the diff viewer of Chora allows an attacker to inject shellcode. An attacker can exploit PHP's file upload functionality to upload a malicious binary to a vulnerable...
Vulnerabilities in Merak Webmail Server.
CRIOLABS http://www.criolabs.net - Software: Merak Webmail Server - Type: Webmail - Company: Merak Mail Server, Inc. Software: Merak Webmail Server Version: 5.2.7 Platforms: All Windows platforms Web: http://www.merakmailserver.com/ Vendor Description Merak's WebMail Server is used by...
Horde-Chora: Remote code execution
Background Chora is a PHP-based SVN/CVS repository viewer by the HORDE project. Description A vulnerability in the diff viewer of Chora allows an attacker to inject shellcode. An attacker can exploit PHP's file upload functionality to upload a malicious binary to a vulnerable server, chmod it as...
cPanel 5/9 - Local Privilege Escalation
cPanel 5/9 - Local Privilege Escalation source: https://www.securityfocus.com/bid/10407/info cPanel is reported prone to a privilege escalation vulnerability. It is reported that the options used by cPanel to compile Apache 1.3.29 and PHP using the modphpsuexec option are insecure. These settings...
Include vulnerability in GEMITEL v 3.50
GEMITEL V 3 build 50 :: include vulnerability URL : http://www.isesam.com/ FORUM : http://www.isesam.com/forums/gemitel/threadopen.shtml Vendor has been contacted. Description : --------------- Gemitel is free software written in PHP that allows you to manage micro payments like allopass,...
Les Commentaires (PHP) Include file
Informations : °°°°°°°°°°°°°° Website : http://www.phpscripts-fr.net Version : all Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° config/fonctions.lib.php dernierscommentaires.php admin.php ------------------------------------------------------------------ if (!isset($rep)) $rep = './...
Gallery 1.3.x/1.4 - Remote Global Variable Injection
source: https://www.securityfocus.com/bid/9490/info It has been reported that Gallery is prone to a vulnerability that may allow a remote attacker to gain unauthorized access by overwriting various values for global variables. The issue occurs due to improper simulation of the behaviour of...
Gallery 1.4 including file vulnerability
Gallery 1.4 including file vulnerability -Background Information- Gallery is a Web-based software product that lets you manage photos on any Web site that offers PHP support. With Gallery you can easily create and maintain albums of photos via an intuitive interface. Photo management includes...
CVE-2003-0491
The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file...
ttCMS 2.2/2.3 - 'header.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/7625/info A remote file include vulnerability has been reported for ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'header.php' script, it is possible for a remote attacker to include a malicious PHP file in a URL...
ttCMS 2.2 ttForum 1.1 - install.php?installdir Remote File Inclusion
ttCMS 2.2 ttForum 1.1 - install.php?installdir Remote File Inclusion source: https://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and...
E-theni (PHP)
Informations : °°°°°°°°°°°°°° Version : ? Website : http://www.theni.freesurf.fr Problems : - Include file - phpinfo PHP Code/Location : °°°°°°°°°°°°°°°°°°° /admint/include/afflistelangue.php : ----------------------------------------- require $repinclude."paralangue.php";...
S8Forum 3.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/6547/info S8Forum is prone to a remote command execution vulnerability. When a user registers with the forum, a file is created locally with the specified username. The contents of this file will be the data entered by the user. As a result, a malicious...
PEEL (PHP)
Informations : °°°°°°°°°°°°°° Version : 1.0b Website : http://www.mapetite-entreprise.com Problem : Include file PHP Code/Location : °°°°°°°°°°°°°°°°°°° modeles/haut.php : ----------------------------------------------------------- <? $langfile = $dirroot."/lang/".$_SESSION["lang"]."/lang.php"; requi...
CVE-2002-1991
PHP file inclusion vulnerability in osCommerce 2.1 allows remote attackers to execute arbitrary commands via the include_file parameter to include_once.php...
CVE-2002-2015
PHP file inclusion vulnerability in user.php in PostNuke 0.703 allows remote attackers to include arbitrary files and possibly execute code via the caselist parameter...
CVE-2002-2200
Benjamin Lefevre Dobermann FORUM 0.5 and earlier allows remote attackers to remotely include and execute malicious PHP files via the "subpath" variable in (1) entete.php, (2) entete_acceuil.php, (3) index.php, or (4) new_topic.php...
Mantis Bug Tracker 0.15.x/0.16/0.17.x - JPGraph Remote File Inclusion Command Execution
Mantis Bug Tracker 0.15.x/0.16/0.17.x - JPGraph Remote File Inclusion Command Execution source: https://www.securityfocus.com/bid/5504/info Mantis depends on include files to provide some functionality, such as dynamic generation of graphs. However, since Mantis does not properly validate the path ...
CVE-2002-0764
Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands...