1196 matches found
SUSE-SA:2006:024: php4,php5
The remote host is missing the patch for the advisory SUSE-SA:2006:024 php4,php5. This update fixes the following security issues in the scripting languages PHP4 and PHP5: - copy and tempnam functions could bypass openbasedir restrictions CVE-2006-1494 - Cross-Site-Scripting XSS bug in phpinfo...
Multiple PHP4/PHP5 vulnerabilities
INFIGO IS Security Advisory ADV-2006-04-02 http://www.infigo.hr/ Title: Multiple PHP4/PHP5 vulnerabilities Advisory ID: INFIGO-2006-04-02 Date: 2006-04-24 Advisory URL: http://www.infigo.hr/en/infocus/advisories/INFIGO-2006-04-02 Impact: Remote code execution and DoS Risk Level: Medium...
phpWebSite 0.10.2 - hub_dir Remote Command Execution
phpWebSite 0.10.2 - hubdir Remote Command Execution !/usr/bin/php -q -d shortopentag=on arbitrary local inclusion, works with magicquotesgpc = Off\r\n"; echo "by rgod, mail: [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if $argc 0 include$hubdir . 'conf/config.php'...
phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ================================================================ phpWebSite arbitrary local inclusion, works with magicquotesgpc = Off\r\n"; echo "by rgod, mail: email protected\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if...
phpWebSite 0.10.2 - 'hub_dir' Remote Command Execution
!/usr/bin/php -q -d shortopentag=on arbitrary local inclusion, works with magicquotesgpc = Off\r\n"; echo "by rgod, mail: [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; if $argc 0 include$hubdir . 'conf/config.php'; define'PHPWSSOURCEDIR', $sourcedir; else...
phpWebSite <= 0.10.2 (hub_dir) Remote Commands Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "PHPWebSite = 0.10.2 remote cmmnds xctn\r\n"; echo "- arbitrary local inclusion, works with magicquotesgpc = Off\r\n"; echo "by rgod, mail: [email protected]\r\n"; echo "site: http://retrogod.altervista.org\r\n\r\n"; i...
[ECHO_ADV_27$2006] AngelineCMS 0.8.1 Installpath Remote File Inclusion
/ / | | / // / | | Y / | / / /| / / / / / / .OR.ID ECHOADV27$2006 --------------------------------------------------------------------------- ECHOADV27$2006 AngelineCMS 0.8.1 Installpath Remote File Inclusion --------------------------------------------------------------------------- Author :...
Guestbook Script 1.7 - include_files Remote Code Execution
Guestbook Script 1.7 - includefiles Remote Code Execution !/usr/bin/perl use IO::Socket; print "guestbook script ' . $txt'txtfilenotfound' . ': ' . $val . ''; $tpl-register'guest', $key; ... here is includecontent function: function includecontent$path if isfile$path obstart; include$path; $conte...
igenus_remote.txt
!/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "site: http://retrogod.altervista.org\r\n\r\n"; print "dork: intitle:"igenus webmail login"\r\n";...
iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit
Exploit for unknown platform in category web applications ====================================================================== iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "dork: intitle:"igenus...
iGENUS WebMail <= 2.0.2 (config_inc.php) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail = 2.0.2 remote commads xctn\r\n"; print "- works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodATautisticiDOTorg\r\n"; print "site:...
iGENUS WebMail 2.0.2 - 'config_inc.php' Remote Code Execution
!/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "site: http://retrogod.altervista.org\r\n\r\n"; print "dork: intitle:"igenus webmail login"\r\n";...
iGENUS WebMail 2.0.2 - config_inc.php Remote Code Execution
iGENUS WebMail 2.0.2 - configinc.php Remote Code Execution !/usr/bin/perl use IO::Socket; print "\r\n"; print "iGENUS WebMail works against PHP5 with registerglobals = On\r\n"; print " & allowurlfopen = On\r\n"; print "by rgod rgodautisticiorg\r\n"; print "site:...
egs_10rc4_php5_incl_xpl.php.txt
--------EGS Enterprise Groupware System 1.0 rc4 possibly prior versions------- remote code execution -------------------------------------------------------------------------------- software: site: http://egs.sourceforge.net/ description: "EGS is an Open Source business system released under the...
FlySpray 0.9.7 (install-0.9.7.php) Remote Commands Execution Exploit
No description provided by source. ?php ---flyspray097php5inclxpl.php 19.57 13/02/2006 FlySpray 0.9.7 remote commands execution exploit coded by rgod site: http://retrogod.altervista.org - works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Therefore the goo...
EnterpriseGS <= 1.0 rc4 Remote Commands Execution Exploit
Exploit for unknown platform in category web applications ========================================================= EnterpriseGS works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Thus the energy developed by good fighting men is as the momentum of a round...
EnterpriseGS 1.0 rc4 - Remote Command Execution
works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Thus the energy developed by good fighting men is as the momentum of a round stone rolled down a mountain thousands of feet in height. So much on the subject of energy." errorreporting0;...
FlySpray 0.9.7 - install-0.9.7.php Remote Command Execution
FlySpray 0.9.7 - install-0.9.7.php Remote Command Execution works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Therefore the good fighter will be terrible in his onset, and prompt in his decision" / short explaination: found this bug in FlySpray, exploiting...
EnterpriseGS 1.0 rc4 - Remote Command Execution
EnterpriseGS 1.0 rc4 - Remote Command Execution works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Thus the energy developed by good fighting men is as the momentum of a round stone rolled down a mountain thousands of feet in height. So much on the subject ...
FlySpray 0.9.7 - 'install-0.9.7.php' Remote Command Execution
works against PHP5 usage: launch from Apache, fill in requested fields, then go! Sun-Tzu: "Therefore the good fighter will be terrible in his onset, and prompt in his decision" / short explaination: found this bug in FlySpray, exploiting EGS Enterprise Groupware System 1.0 rc4, see this link for...