EUVD-2004-0696

Malware in sbrugna...

EUVD-2010-4690

Malware in sbrugna...

Craft CMS Code Injection Vulnerability

Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has registerargcargv enabled...

Remote Code Execution (RCE)

craftcms/cms is vulnerable to Remote Code Execution RCE. The vulnerability is due to the registerargcargv directive being enabled in the php.ini configuration, which allows an attacker to execute arbitrary code on the affected system remotely...

CVE-2024-56145

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has registerargcargv enabled. For these users an unspecified remote code execution vector is present...

CVE-2024-56145

Craft CMS is affected by CVE-2024-56145 due to a code execution vector triggered when php.ini register_argc_argv is enabled. Reports indicate an RCE vulnerability exists in affected versions, with remediation via upgrading to Craft CMS 3.9.14, 4.13.2, or 5.5.2. If upgrading is not possible, the r...

CVE-2024-56145 RCE when PHP `register_argc_argv` config setting is enabled in craftcms/cms

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has registerargcargv enabled. For these users an unspecified remote code execution vector is present...

CVE-2024-56145

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Users of affected versions are affected by this vulnerability if their php.ini configuration has registerargcargv enabled. For these users an unspecified remote code execution vector is present...

CVE-2023-6971

The Backup Migration plugin for WordPress is vulnerable to Remote File Inclusion in versions 1.0.8 to 1.3.9 via the 'content-dir' HTTP header. This makes it possible for unauthenticated attackers to include remote files on the server, resulting in code execution. NOTE: Successful exploitation of...

PHP file include vulnerability details(including the truncated method)-vulnerability warning-the black bar safety net

One, what is”remote file inclusion vulnerability”for? The answer is: the server through the php properties of a function to contain any files, since you want to include this file source filter is not strict, so can go to that contains a malicious file and we can construct the malicious file to...

Flatnux Local File Inclusion / Upload

Author: girex Homepage: girex.altervista.org Date: 17/04/2009 CMS: flatnux-2009-03-27 site: flatnux.altervista.org Bugs: Multiple remote vulnerabilities Flatnux suffers of multiple local file inclusions: output of my scanner Line: 10 File: D:/xampp/htdocs/flat/flatnux/sections/00News/admin.php...

Flatnux 2009-03-27 (Upload/ID) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== Flatnux 2009-03-27 Upload/ID Multiple Remote Vulnerabilities ============================================================== Author: girex Date: 17/04/2009 CMS: flatnux-2009-03-...

BusinessSpace <= 1.2 (id) Remote SQL Injection Vulnerability

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV102$2009 ----------------------------------------------------------------------------------------- ECHOADV102$2009 BusinessSpace = 1.2 id Remote SQL Injection Vulnerability...

Attachmax Dolphin <= 2.1.0 Multiple Remote Vulnerabilities

No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV101$2008 ----------------------------------------------------------------------------------------- ECHOADV101$2008 Attachmax Dolphin = 2.1.0 Multiple Vulnerability...

Utopia News Pro <= 1.1.3 (news.php) SQL Injection Exploit

No description provided by source. ?php bif magic quotes off -SQL INJECTION: /str0ke 3.10 07/10/2005 utopiaxpl.php Utopia News Pro 1.1.3 possibly prior versions SQL Injection / Administrative credentials disclosure by rgod site: http://rgod.altervista.org make these changes in php.ini if you have...

CVE-2004-0697

CVE-2004-0697 affects 4D WebSTAR 5.3.2 and earlier. The vulnerability permits remote attackers to read the php.ini configuration file, potentially exposing sensitive information. The NVD entry lists a base CVSS v2 score of 5.0 (Medium) with network access and low complexity, but no exploitation d...

PHP 3.04.0 - Error Logging Format String

PHP 3.04.0 - Error Logging Format String // source: https://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The...