1756 matches found
phpMyFAQ <= 1.6.7 Remote SQL Injection / Command Execution Exploit
No description provided by source. !/usr/bin/php5-cgi -q ? / Sql injection / remote command execution exploit for phpmyfaq 1.6.8 Bugtraq: http://www.securityfocus.com/bid/21944 CVS:...
phpMyFAQ 1.6.7 - SQL Injection Command Execution
phpMyFAQ 1.6.7 - SQL Injection Command Execution !/usr/bin/php5-cgi -q " localhost:4001 [email protected] / function doupload$baseurl, $proxy, $cmd $fp = fopen"kebab.php", "w"; if!$fp die"Cannot open file for writing"; $code = "Un1q" . $cmd . ""; fwrite$fp, $code; fclose$fp; $sendvars"aktion"...
phpMyFAQ <= 1.6.7 Remote SQL Injection / Command Execution Exploit
Exploit for unknown platform in category web applications phpMyFAQ " localhost:4001 email protected / function doupload$baseurl, $proxy, $cmd $fp = fopen"kebab.php", "w"; if!$fp die"Cannot open file for writing"; $code = "Un1q"...
phpMyFAQ 1.6.7 - SQL Injection / Command Execution
!/usr/bin/php5-cgi -q " localhost:4001 [email protected] / function doupload$baseurl, $proxy, $cmd $fp = fopen"kebab.php", "w"; if!$fp die"Cannot open file for writing"; $code = "Un1q" . $cmd . ""; fwrite$fp, $code; fclose$fp; $sendvars"aktion" = "save"; $sendvars"uin" = "-1' UNION SELECT...
CVE-2007-1032
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."...
Code injection
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."...
CVE-2007-1032
Summary: CVE-2007-1032 affects phpMyFAQ 1.6.9 and earlier. The issue allows a remote attacker to upload files with the web server’s privileges when PHP register_globals is enabled. The vulnerability is triggered via scripts in the admin area (admin/attachment.php and admin/editor/plugins/ImageMan...
CVE-2007-1032
Unspecified vulnerability in phpMyFAQ 1.6.9 and earlier, when register_globals is enabled, allows remote attackers to "gain the privilege for uploading files on the server."...
phpMyFAQ < 1.6.10 Multiple Script Arbitrary File Upload
The installation of phpMyFAQ on the remote host allows for bypassing authentication or escalating privileges via the 'admin/attachment.php' and 'admin/editor/plugins/ImageManager/images.php' scripts. By leveraging these issues, a remote attacker can upload files, possibly even containing arbitrar...
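PHPMyFAQ SQL Injection Vulnerability
PHPMyFAQ is a PHP-based web application. PHPMyFAQ does not properly filter user-submitted input, so a remote attacker can exploit the flaw to carry out SQL injection attacks and obtain sensitive information. The problem is that multiple scripts lack filtering of user-submitted web parameters; submitting malicious script code as parameter data can lead to disclosure of sensitive information. phpMyFAQ 1.6.7 phpMyFAQ phpMyFAQ 1.6.7 phpMyFAQ phpMyFAQ 1.6.8 http://www.phpmyfaq.de/getfaq.php?number=1.6.8&version=full&ext=.zip...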
phpMyFAQ < 1.6.8 Multiple SQL Injection Vulnerabilities
The version of phpMyFAQ on the remote host does not properly validate input to the 'uin' parameter of several scripts before using it in database queries. An unauthenticated, remote attacker may be able to leverage these issues to launch SQL injection attacks against the affected application, eve...
CVE-2006-6912
phpMyFAQ is affected by SQL injection in versions up to 1.6.7 (and advisories also reference
CVE-2006-6913
CVE-2006-6913 affects phpMyFAQ 1.6.7 and earlier. An unspecified vulnerability allows remote attackers to upload arbitrary PHP scripts via unspecified vectors. Multiple reports reference this entry and describe the ability to upload executable files, but the exact vectors, affected components, an...
CVE-2006-6913
Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors...
CVE-2006-6912
SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter...
phpMyFAQ < 1.6.8 Multiple Vulnerabilities
Binary data 3880.prm...
CVE-2006-6912
SQL injection vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the userfile or filename parameter...
CVE-2006-6913
Unspecified vulnerability in phpMyFAQ 1.6.7 and earlier allows remote attackers to upload arbitrary PHP scripts via unspecified vectors...
[Full-disclosure] phpmyfaq exploit using PHP bug, CVE-2006-1490
A long time ago I made unnecessary noise about PHP zeroday. I expected it to be maybe much more dangerous than it appeared to be at the end. There were a lot of discussions and one of the main consensus was that this bug is not exploitable in the real world because no one is using those vulnerable functions. This...
FreeBSD : phpmyfaq -- SQL injection, takeover, path disclosure, remote code execution (c6b9aee8-3071-11da-af18-000ae4641456)
If magic quotes are off there's a SQL injection when sending a forgotten password. It's possible to overwrite the admin password and to take over the whole system. In some files in the admin section there are some cross site scripting vulnerabilities. In the public frontend it's possible to inclu...