Virtual Law Office (phpc_root_path) Remote File Include Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================= Virtual Law Office phpcrootpath Remote File Include Vulnerabilities =======================================================================...

CVE-2005-3571

PHP file inclusion vulnerability in protection.php in CodeGrrl a PHPCalendar 1.0, b PHPClique 1.0, c PHPCurrently 2.0, d PHPFanBase 2.1, and e PHPQuotes 1.0 allows remote attackers to include arbitrary local files via the siteurl parameter when registerglobals is enabled. NOTE: It was later...

CVE-2005-3571

CVE-2005-3571 affects CodeGrrl PHP applications (PHPCalendar 1.0, PHPClique 1.0, PHPCurrently 2.0, PHPFanBase 2.1, PHPQuotes 1.0; PHPFanBase 2.2 also affected). The vulnerability is a PHP file-inclusion flaw in protection.php where the siteurl parameter is unsafely used in a PHP include when regi...

PHPCalendar (and some more codegrrl.com products) arbitrary code execution

PHPCalendar and some more codegrrl.com products arbitrary code execution ========================================================================== Software: PHPCalendar, PHPClique, PHPFanBase, PHPCurrently, PHPQuotes Severity: Arbitrary code execution Risk: High Author: Robin Verton...

[SA17542] CodeGrrl Products "siteurl" File Inclusion Vulnerability

TITLE: CodeGrrl Products "siteurl" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA17542 VERIFY ADVISORY: http://secunia.com/advisories/17542/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: PHPCalendar 1.x http://secunia.com/product/6095/ PHPClique 1.x...