PHPCOIN 1.2.1 - 'mod.php' SQL Injection

phpCOIN 1.2.1 mod.php SQL Injection Vulnerability Author : Baybora Homepage : http://www.1923turk.com Blog : http://baybora.wordpress.com/ Script : phpCOIN 1.2.1 Download : http://www.phpcoin.com/ Vulnerable File mod.php?mod=faq&mode=show&faqid= SQL XpL...

phpCOIN v1.2.1 (mod.php) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================== phpCOIN v1.2.1 mod.php SQL Injection Vulnerability ==================================================== phpCOIN 1.2.1 mod.php SQL Injection Vulnerability Author : Baybora Homepage :...

CVE-2007-0861

PHP remote file inclusion vulnerability in modules/mail/index.php in phpCOIN RC-1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CCFG'PKGPATHMDLS' parameter. NOTE: this issue has been disputed by a reliable third party, who states that a fatal error occurs befo...

CVE-2007-0861

PHP remote file inclusion vulnerability in phpCOIN RC-1 and earlier affecting modules/mail/index.php. An attacker could execute arbitrary PHP code via a URL in the _CCFG['_PKG_PATH_MDLS'] parameter. Note: this issue has been disputed by a reliable third party, claiming a fatal error occurs before...

CVE-2007-0861

PHP remote file inclusion vulnerability in modules/mail/index.php in phpCOIN RC-1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CCFG'PKGPATHMDLS' parameter. NOTE: this issue has been disputed by a reliable third party, who states that a fatal error occurs befo...

PT-2007-2303 · Phpcoin · Phpcoin

Name of the Vulnerable Software and Affected Versions: phpCOIN versions RC-1 and earlier Description: A remote file inclusion issue in the modules/mail/index.php file allows remote attackers to execute arbitrary PHP code via a URL in the CCFG' PKG PATH MDLS' parameter. However, this issue has bee...

phpCOIN <= RC-1 (modules/mail/index.php) Remote File Include Vulnerability

phpCOIN = RC-1 modules/mail/index.php Remote File Include Vulnerability Script: phpCOIN Version: RC-1 URL: http://www.phpcoin.com/coinmodules/downloads/dload.php?id=1 Found by: Born To K!LL Bug in : modules/mail/index.php code : Include module functions file include...

CVE-2006-4424

PHP remote file inclusion vulnerability in coinincludes/constants.php in phpCOIN 1.2.3 allows remote attackers to execute arbitrary PHP code via the CCFGPKGPATHINCL parameter...

CVE-2006-4425

CVE-2006-4425 affects the phpCOIN 1.2.3 package. Multiple remote file inclusion weaknesses allow an unauthenticated, remote attacker to cause code execution by manipulating the _CCFG[_PKG_PATH_INCL] parameter in seven coin_includes scripts (api.php, common.php, core.php, custom.php, db.php, redir...

CVE-2006-4424

CVE-2006-4424 is a PHP remote file inclusion vulnerability in phpCOIN 1.2.3. The flaw lies in coin_includes/constants.php where user-supplied _CCFG[_PKG_PATH_INCL] can cause the application to include arbitrary PHP code, enabling an attacker to execute code on the server. Affected component/issue...

CVE-2006-4425

Multiple PHP remote file inclusion vulnerabilities in phpCOIN 1.2.3 allow remote attackers to execute arbitrary PHP code via the CCFGPKGPATHINCL parameter in coinincludes scripts including 1 api.php, 2 common.php, 3 core.php, 4 custom.php, 5 db.php, 6 redirect.php or 7 sessionset.php. NOTE: the...

phpCOIN < 1.2.4 Multiple Script _CCFG[_PKG_PATH_INCL] Parameter Remote File Inclusion

Binary data 3735.prm...

phpCOIN 1.2.3 &#40;_CCFG[_PKG_PATH_INCL]&#41; Remote Include Vulnerability

phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability Discovered by: Timq http://www.securitydb.org Email: timqathackernetworkdotcom http://www.securitydb.org Vulnerable: requireonce include $CCFG'PKGPATHINCL'.'redirect.php'; Exploit PoC:...

phpCOIN Multiple Script _CCFG Parameter Remote File Inclusion

The remote host is running phpCOIN, a software package for web-hosting resellers to handle clients, orders, helpdesk queries, and the like. The version of phpCOIN installed on the remote host fails to sanitize input to the 'CCFG' array parameter before using it in several scripts to include PHP...

PHPCOIN 1.2.3 - &#039;session_set.php&#039; Remote File Inclusion

phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability Discovered by: Timq http://www.securitydb.org Email: timqathackernetworkdotcom http://www.securitydb.org Vulnerable: requireonce include $CCFG'PKGPATHINCL'.'redirect.php'; Exploit PoC:...

phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability

No description provided by source. phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability Discovered by: Timq http://www.securitydb.org Email: timqathackernetworkdotcom http://www.securitydb.org Vulnerable: requireonce include $CCFG'PKGPATHINCL'.'redirect.php'; Exploit PoC:...

PHPCOIN 1.2.3 - session_set.php Remote File Inclusion

PHPCOIN 1.2.3 - sessionset.php Remote File Inclusion phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability Discovered by: Timq http://www.securitydb.org Email: timqathackernetworkdotcom http://www.securitydb.org Vulnerable: requireonce include $CCFG'PKGPATHINCL'.'redirect.php'; Exploit PoC:...

phpCOIN 1.2.3 (session_set.php) Remote Include Vulnerability

Exploit for unknown platform in category web applications ============================================================ phpCOIN 1.2.3 sessionset.php Remote Include Vulnerability ============================================================ phpCOIN 1.2.3 CCFGPKGPATHINCL Remote Include Vulnerability...

Code injection

phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact"...

CVE-2006-2422

phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact"...