EUVD-2006-4037

Malware in sbrugna...

EUVD-2004-2077

Malware in sbrugna...

Web Servers PHPCodeCabinet Remote File Inclusion (CVE-2006-4044)

A Remote File Inclusion vulnerability has been reported in PHPCodeCabinet. The vulnerability is due to lack of sanitization for user-supplied data. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system. This protection was...

PHPCodeCabinet <= 0.5 (Core.php) Remote File Include Vulnerability

No description provided by source. !/usr/bin/env python coding: utf-8 from pocsuite.net import req from pocsuite.poc import POCBase, Output from pocsuite.utils import register class TestPOCPOCBase: vulID = '63800' ssvid version = '1.0' author = '周神' vulDate = '2006-08-09' createDate = '2015-12-24...

PHPCodeCabinet &lt;= 0.5 (Core.php) Remote File Include Vulnerability

No description provided by source. From Minion: PHPCodeCabinet all versions is vulnerable to a remote file include. The vulnerable code is in /include/Beautifier/Core.php an $BEAUTPATH Was not properly scrubbed, so they got owned. Proof of concept:...

PHPCodeCabinet.txt

------=Part4484231893622.1154733732400 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline From Minion: PHPCodeCabinet all versions is vulnerable to a remote file include. The vulnerable code is in /include/Beautifier/Core.php an...

CVE-2006-4044

PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the BEAUTPATH parameter...

CVE-2006-4044

PHP remote file inclusion vulnerability in Beautifier/Core.php in Brad Fears phpCodeCabinet 0.5 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the BEAUTPATH parameter...

[SA21386] phpCodeCabinet &quot;BEAUT_PATH&quot; File Inclusion Vulnerability

TITLE: phpCodeCabinet "BEAUTPATH" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA21386 VERIFY ADVISORY: http://secunia.com/advisories/21386/ CRITICAL: Highly critical IMPACT: System access WHERE: From remote SOFTWARE: phpCodeCabinet 0.x http://secunia.com/product/3007/ DESCRIPTION: Minion ha...

PHPCodeCabinet <= 0.5 (Core.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================== PHPCodeCabinet From Minion: PHPCodeCabinet all versions is vulnerable to a remote file include. The vulnerable code is in /include/Beautifier/Core.php an $BEAUTPATH Was not...

[Full-disclosure] PHPCodeCabinet Vulnerability

From Minion: PHPCodeCabinet all versions is vulnerable to a remote file include. The vulnerable code is in /include/Beautifier/Core.php an $BEAUTPATH Was not properly scrubbed, so they got owned. Proof of concept: target phpcodecabinet...

PHPCodeCabinet 0.5 - Core.php Remote File Inclusion

PHPCodeCabinet 0.5 - Core.php Remote File Inclusion From Minion: PHPCodeCabinet all versions is vulnerable to a remote file include. The vulnerable code is in /include/Beautifier/Core.php an $BEAUTPATH Was not properly scrubbed, so they got owned. Proof of concept:...

PHPCodeCabinet 0.5 - &#039;Core.php&#039; Remote File Inclusion

From Minion: PHPCodeCabinet all versions is vulnerable to a remote file include. The vulnerable code is in /include/Beautifier/Core.php an $BEAUTPATH Was not properly scrubbed, so they got owned. Proof of concept:...

CVE-2004-2085

CVE-2004-2085 affects Brad Fears phpCodeCabinet, versions 0.4 and earlier. The vulnerability is a set of cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary web script or HTML through multiple parameters in several scripts/pages: (1) comments.php (sid), (2) category.p...

CVE-2004-2085

Multiple cross-site scripting XSS vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including 1 the sid parameter to comments.php, 2 the cid, cf, or rfd parameters to category.php, or the cid paramet...

CVE-2004-2085

Multiple cross-site scripting XSS vulnerabilities in Brad Fears phpCodeCabinet 0.4 and earlier allow remote attackers to inject arbitrary web script or HTML via multiple parameters, including 1 the sid parameter to comments.php, 2 the cid, cf, or rfd parameters to category.php, or the cid paramet...