371 matches found
phpCMS 1.1.7 - parser.php Remote File Inclusion
phpCMS 1.1.7 - parser.php Remote File Inclusion source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
phpCMS 1.1.7 - class.http_indexer_PHPcms.php Remote File Inclusion
phpCMS 1.1.7 - class.httpindexerPHPcms.php Remote File Inclusion source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...
phpCMS 1.1.7 - 'class.lib_indexer_universal_PHPcms.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks a...
phpCMS 1.1.7 - 'class.parser_PHPcms.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks a...
phpCMS 1.1.7 - 'parser.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks a...
phpCMS 1.1.7 - 'class.http_indexer_PHPcms.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks a...
phpCMS 1.1.7 - 'class.edit_PHPcms.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks a...
phpCMS 1.1.7 - class.cache_PHPcms.php Remote File Inclusion
phpCMS 1.1.7 - class.cachePHPcms.php Remote File Inclusion source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise...
phpCMS 1.1.7 - counter.php Remote File Inclusion
phpCMS 1.1.7 - counter.php Remote File Inclusion source: https://www.securityfocus.com/bid/21768/info phpCMS is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...
phpcms 2.4远程文件包含漏洞
guestbook.php漏洞代码如下 require \\\\\\\'common.php\\\\\\\'; require $phpcmsroot.\\\\\\\'/include/ubb.php\\\\\\\'; editor\\\\\\\\admin\\\\\\\\default.php漏洞代码如下: require \\\\\\\'../../common.php\\\\\\\'; require...
phpCMS1.2.x任意文件包含漏洞
有漏洞的include调用位于class.layoutphpcms.php中: ifisset$GET'language' && $GET'language' != '' include$PHPCMSINCLUDEPATH.'/language.'.$GETlanguage; ... --- 受影响系统: phpCMS phpCMS 1.2.1pl1 phpCMS phpCMS 1.2.1 phpCMS phpCMS 1.2.0 不受影响系统: phpCMS phpCMS 1.2.1pl2...
CVE-2006-3019
Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMSINCLUDEPATH parameter to files in parser/include/ including 1 class.parserphpcms.php, 2 class.sessionphpcms.php, 3 class.editphpcms.php, 4...
CVE-2006-3019
Multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2 allow remote attackers to execute arbitrary PHP code via a URL in the PHPCMSINCLUDEPATH parameter to files in parser/include/ including 1 class.parserphpcms.php, 2 class.sessionphpcms.php, 3 class.editphpcms.php, 4...
CVE-2006-3019
CVE-2006-3019 describes multiple PHP remote file inclusion vulnerabilities in phpCMS 1.2.1pl2. An attacker can cause arbitrary PHP code execution by supplying a URL in the PHPCMS_INCLUDEPATH parameter that is used to include files under parser/include/ (affecting files such as class.parser_phpcms...
f_pc-1.2.1pl2.txt
----------------------------------------------------- Advisory id: FSA:014 Author: Federico Fazzi Date: 12/06/2006, 10:25 Sinthesis: phpCMS 1.2.1pl2, Remote command execution Type: high Product: http://www.phpcms.de/ Patch: unavailable ----------------------------------------------------- 1...
phpCMS XSS
The remote host runs phpCMS, a content management system written in PHP. This version is vulnerable to cross-site scripting due to a lack of sanitization of user-supplied data in parser.php script. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a...
phpCMS12x.txt
SEC-CONSULT Security Advisory 20050602-1 ======================================================================= title: Arbitrary File Inclusion in phpCMS 1.2.x program: phpCMS vulnerable version: 1.2.0, 1.2.1, 1.2.1pl1 homepage: www.phpcms.de found: 2005-05-31 by: sk0L / SEC-CONSULT /...
CVE-2005-1840
CVE-2005-1840 describes a directory traversal vulnerability in phpCMS 1.2.x before 1.2.1pl2, where an attacker can read or include arbitrary files by manipulating the language parameter to parser.php (via a .. path traversal). Affects phpCMS 1.2.x line; vulnerability demonstrated by using a dot-d...
CVE-2005-1840
Directory traversal vulnerability in class.layoutphpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary files, as demonstrated using a .. dot dot in the language parameter to parser.php...
CVE-2005-1840
Directory traversal vulnerability in class.layoutphpcms.php in phpCMS 1.2.x before 1.2.1pl2 allows remote attackers to read or include arbitrary files, as demonstrated using a .. dot dot in the language parameter to parser.php...