1410 matches found
AutoIndex PHP Script 2.2.2 PHP_SELF Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26411/info AutoIndex PHP Script is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in...
Free Image Hosting <= 1.0 (forgot_pass.php) File Include Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? print ' ...
OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability
No description provided by source. <?php /* OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management...
Sugar Suite Open Source <= 4.2 (OptimisticLock) Remote Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo Sugar Suite Open Source = 4.2 \OptimisticLock!\ arbitrary remote inclusion exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; echo this is called the \five claws of...
W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23055/info w-Agora is prone to multiple arbitrary file-upload vulnerabilities. An attacker can exploit these vulnerabilities to upload PHP script code and execute it in the context of the webserver process. w-Agora 4.2.1 ...
LoudBlog 0.41 backend_settings.php language Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...
EgO 0.7b - (fckeditor) Remote File Upload
No description provided by source. Title: EgO v0.7b fckeditor Remote File Upload Download: http://sourceforge.net/projects/vairux-ego/ AUTHOR: ITSecTeam Email: [email protected] Website: http://www.itsecteam.com Forum : http://forum.ITSecTeam.com Original Advisory:...
JV2 Folder Gallery 3.0 0 - (download.php) Remote File Disclosure Exploit
No description provided by source. / Script Name :JV2 Folder Gallery Script site :www.jv2.net Discovered by :SaO Exploit Coded by :PeTrO Credits To soulreaver,Kuz3y Compile: Visual C++ or DevC++ / include stdio.h include string.h include winsock.h pragma commentlib,ws232.lib int mainint argc, cha...
Killer Protection 1.0 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5905/info The Killer Protection PHP script is prone to an information-disclosure issue. Reportedly, unauthorized users can access sensitive user data by requesting the 'vars.inc' file in a malicious HTTP request. Exploiti...
cPanel < 11.25 CSRF - Add User php Script
No description provided by source. Exploit Title: cPanel 11.25 CSRF - Add php script Date: 27.05.2011 Author: ninjashell Software Link: http://cpanel.net Version: 11.25 see details below Tested on: Linux CVE : N/A I. Introduction cPanel versions below and excluding 11.25 , are vulnerable to CSRF...
Laurent Adda Les Commentaires 2.0 PHP Script derniers_commentaires.php Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be...
PHP Script Directory Software (sbcat_id) SQL Injection Vulnerability
No description provided by source. == Author: BorN To K!LL - h4ck3r Contact: [email protected] == Script: PHP script directory software Version: n/a Link: http://www.softbizsolutions.com/script-directory-software.php == 3xploit: path/showcats.php?sbcatid=SQL-Injection 3xample:...
PHP 3-5 Ini_Restore() Safe_Mode and Open_Basedir Restriction Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19933/info PHP is prone to a 'safe_mode' and 'open_basedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This...
Text Exchange Pro (index.php page) Local File Inclusion
No description provided by source. ----------------------------------------------------------- Text Exchange Pro index.php page Local file inclusion Bug discovered by Yakir Wizman Date 24/08/2012 Vendor Homepage - http://www.phpwebscripts.com/text-exchange-pro/ Demo -...
Download Center 2.2 - SQL injection Vulnerability
No description provided by source. Name : MHP DownloadScript v2.2 = SQL injection Vulnerability +Autor : DeadLy DeMon +Date : 18.12.2010 +Script : MHP DownloadScript v2.2 +Download : ---- +Site : http://www.mhproducts.de/php-scripte-5/tools-dienste/download-center.html +Dork : Not Dork +Price :...
Benjamin Lefevre Dobermann Forum 0.x newtopic.php subpath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker...
Laurent Adda Les Commentaires 2.0 PHP Script fonctions.lib.php Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be...
Easy Banner Pro (index.php page) Local File Inclusion
No description provided by source. ----------------------------------------------------------- Easy Banner Pro index.php page Local file inclusion Bug discovered by Yakir Wizman Date 24/08/2012 Vendor Homepage - http://www.phpwebscripts.com/easybannerpro/ Demo -...
Jason Orcutt Prometheus 3.0/4.0/6.0 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6087/info Prometheus is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Prometheus. An attacker may...
Multiple WordPress Plugins (TimThumb 2.8.13 WordThumb 1.07) - WebShot Remote Code Execution
Multiple WordPress Plugins TimThumb 2.8.13 WordThumb 1.07 - WebShot Remote Code Execution Wordpress TimThumb 2.8.13 WebShot Remote Code Execution 0-day Affected website : a lot Wordpress...