72 matches found
ValidForm Builder script - Remote Command Execution
ValidForm Builder script - Remote Command Execution Exploit Title: ValidForm Builder script Remote Command Execution Vulnerability Date: 2010/07/23 Author: HackeR aRaR Email: [email protected] My Sites : www.vbspiders.com Script home: http://www.phpgalleryscript.org download Script:...
Free PHP photo Gallery script - Remote Command Execution
Exploit Title: Free PHP photo gallery script Remote Command Execution Vulnerability Date: 2010/07/21 Author: ViRuS Qalaa Email: [email protected] My Sites : www.pal-mafia.com & www.vbspiders.com Script home: http://www.phpgalleryscript.org download Script: http://phpweby.com/downloads/gallery Tested o...
Free PHP Photo Gallery Script - Remote File Inclusion
Exploit Title: Free PHP photo gallery script Remote File inclusion Vulnerability Date: 2010/07/21 Author: ViRuS Qalaa Email: [email protected] My Sites : www.pal-mafia.com & www.vbspiders.com Script home: http://www.phpgalleryscript.org download Script: http://phpweby.com/downloads/gallery Tested on:...
CVE-2009-0331
Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery ESPG 1.72 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as ...
CVE-2009-0331
Directory traversal vulnerability in gallery/comment.php in Enhanced Simple PHP Gallery ESPG 1.72 allows remote attackers to read arbitrary files via a .. dot dot in the file parameter. NOTE: the vulnerability may be in my little homepage Comment script. If so, then this should not be treated as ...
CVE-2009-0331
The vulnerability described across sources affects Enhanced Simple PHP Gallery (ESPG) 1.72 in the file gallery/comment.php . It is a directory traversal issue that allows remote attackers to read arbitrary files via a .. (dot dot) component in the parameter named file . The note repeatedly sugges...
ESPG 1.72 File Disclosure
.::ESPG 1.72 File Disclosure Vulnerability::. = Scriptname: ESPG Enhanced Simple PHP Gallery 1.72 = Vendor: http://quirm.net = Download: http://quirm.net/download/21/ = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greetings: str0ke, TheJT, Maria, Alucard, x0r32 = Vulnerable Code in...
ESPG (Enhanced Simple PHP Gallery) 1.72 - File Disclosure
ESPG Enhanced Simple PHP Gallery 1.72 - File Disclosure .::ESPG 1.72 File Disclosure Vulnerability::. = Scriptname: ESPG Enhanced Simple PHP Gallery 1.72 = Vendor: http://quirm.net = Download: http://quirm.net/download/21/ = Bugfounder: bd0rk = Contact: bd0rkathackermail.com = Greetings: str0ke,...
ESPG (Enhanced Simple PHP Gallery) 1.72 File Disclosure Vulnerability
Exploit for unknown platform in category web applications ===================================================================== ESPG Enhanced Simple PHP Gallery 1.72 File Disclosure Vulnerability ===================================================================== .::ESPG 1.72 File Disclosure...
CVE-2007-5733
Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details...
Unrestricted file upload
Unrestricted file upload vulnerability in upload/upload.php in Japanese PHP Gallery Hosting, when Open directory mode is enabled, allows remote attackers to upload and execute arbitrary PHP code via a ServerPath parameter specifying a filename with a double extension. NOTE: some of these details...
CVE-2007-5733
The CVE-2007-5733 entry describes an unrestricted file upload in Japanese PHP Gallery Hosting (upload/upload.php) when Open directory mode is enabled. The vulnerability allows remote attackers to upload and execute arbitrary PHP code by crafting a ServerPath parameter with a filename using a doub...
Japanese PHP Gallery Hosting - Arbitrary File Upload
source: https://www.securityfocus.com/bid/26179/info Japanese PHP Gallery Hosting is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of th...
Japanese PHP Gallery Hosting - Arbitrary File Upload
Japanese PHP Gallery Hosting - Arbitrary File Upload source: https://www.securityfocus.com/bid/26179/info Japanese PHP Gallery Hosting is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to uplo...
PHP JackKnife [multiple vulnerabilities]
Vendor site: http://www.phpjk.com/ Product: phpjackknife Bug: sql injection , xss , full path Risk: high Note: works regarless of php.ini settings Description: PHP JackKnife PHPJK is freely downloadable PHP gallery software that you can use to instantly create you own online web gallery Injection...
CVE-2007-2098
Multiple cross-site scripting XSS vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 pic and 2 gal parameters...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 pic and 2 gal parameters...
CVE-2007-2098
CVE-2007-2098 affects Wabbit PHP Gallery 0.9. The XSS flaw is in showpic.php, exploitable via the pic and gal parameters, enabling remote attackers to inject arbitrary script/HTML. Connected sources (NVD, CVE lists) confirm the vulnerability description; no specific patch/version remediation is p...
CVE-2007-2098
Multiple cross-site scripting XSS vulnerabilities in showpic.php in Wabbit PHP Gallery 0.9 allow remote attackers to inject arbitrary web script or HTML via the 1 pic and 2 gal parameters...
Wabbit PHP Gallery v0.9 Cross Site Scripting
""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...