phpCC <= 4.2 beta (nickpage.php npid) Remote SQL Injection Exploit

Exploit for unknown platform in category web applications ================================================================== phpCC : "; $dir = ; chop $dir; if $dir = /exit/ print "-- Exploit FailedYou Are Exited \n"; exit; if $dir = /// else print "-- Exploit FailedNo DIR \n"; exit; print "User :...

solpot-adv-05.txt

SolpotCrew Community phpCC - Beta 4.2 basedir Remote File Inclusion Download file : http://www.phpcc.at/downloadfile1.html Bug Found By :Solpot a.k.a k. Hasibuan 06-08-2006 contact: [email protected] Website : http://www.solpotcrew.org/adv/solpot-adv-05.txt Greetz: choi , h4ntu , Ibnusina ,...

EUVD-2006-4065

Multiple PHP remote file inclusion vulnerabilities in Fabian Hainz phpCC Beta 4.2 allow remote attackers to execute arbitrary PHP code via a URL in the basedir parameter to 1 login.php, 2 reactivate.php, or 3 register.php...

CVE-2006-4073

CVE-2006-4073 affects Fabian Hainz’s phpCC Beta 4.2. The issue is multiple PHP remote file inclusion through the base_dir parameter in login.php, reactivate.php, and register.php, allowing remote code execution. The core cause is improper handling of base_dir leading to inclusion of attacker-cont...