15 matches found
EUVD-2007-4916
Malware in sbrugna...
EUVD-2007-4915
Malware in sbrugna...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 admin.php, 2 custompages.php, 3 draft.php, 4 faq.php, 5 leagues.php, 6 livedraft.php, 7 login.php, 8 myteam.php, 9 profile.php, 10...
CVE-2007-4934
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 programfiles/livedraft/livedraft.php or 2 programfiles/livedraft/admin.php...
CVE-2007-4935
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 admin.php, 2 custompages.php, 3 draft.php, 4 faq.php, 5 leagues.php, 6 livedraft.php, 7 login.php, 8 myteam.php, 9 profile.php, 10...
Immunity Canvas: PHPFFL_INCLUDE
Name| phpfflinclude ---|--- CVE| CVE-2007-4934 Exploit Pack| CANVAS Description| phpFFL 1.24 Remote file inclusion Notes| CVSS: 4.6 Repeatability: Infinite VENDOR: phpffl CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4934 CVE Name: CVE-2007-4934...
CVE-2007-4934
CVE-2007-4934 and CVE-2007-4935 describe multiple PHP remote file inclusion (RFI) vulnerabilities in phpFFL 1.24. The issue allows an attacker to supply a URL via the PHPFFL_FILE_ROOT parameter to certain PHP files and cause arbitrary PHP code execution. For CVE-2007-4934, vectors include program...
CVE-2007-4935
PHPFFL 1.24 contains multiple remote file inclusion vulnerabilities that allow an attacker to execute arbitrary PHP code by supplying a URL to the PHPFFL_FILE_ROOT parameter on several pages (admin.php, custom_pages.php, draft.php, etc.). The vulnerabilities cover both general pages and specific ...
CVE-2007-4934
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 programfiles/livedraft/livedraft.php or 2 programfiles/livedraft/admin.php...
CVE-2007-4935
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 admin.php, 2 custompages.php, 3 draft.php, 4 faq.php, 5 leagues.php, 6 livedraft.php, 7 login.php, 8 myteam.php, 9 profile.php, 10...
phpFFL PHPFFL_File_Root参数远程文件包含漏洞
phpFFL是一款基于PHP的WEB应用程序。 phpFFL不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'PHPFFLFileRoot'参数缺少过滤,指定远程服务器上的任意文件作为包含对象,可导致以WEB权限执行任意PHP代码。 phpFFL 1.24 目前没有解决方案提供: http://www.phpffl.com/ http://www.example.com/phpffl/phpfflwebfiles/programfiles/livedraft/livedraft.php?PHPFFLFILEROOT= Evil Cod...
phpFFL 1.24 - PHPFFL_FILE_ROOT Remote File Inclusion
phpFFL 1.24 - PHPFFLFILEROOT Remote File Inclusion Title : phpFFL 1.24 Remote File Inclusion Vulnerability Title : phpFFL 1.24 Remote File Inclusion Vulnerability Author : Dj7xpl Contact : [email protected] Dawnload : http://sourceforge.net/project/showfiles.php?groupid=137531 Gr33tZ : Y! Undergroun...
phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities
No description provided by source. Title : phpFFL 1.24 Remote File Inclusion Vulnerability Title : phpFFL 1.24 Remote File Inclusion Vulnerability Author : Dj7xpl Contact : [email protected] Dawnload : http://sourceforge.net/project/showfiles.php?groupid=137531 Gr33tZ : Y! Underground Group , IrR57 ...
phpFFL 1.24 PHPFFL_FILE_ROOT Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ================================================================== phpFFL 1.24 PHPFFLFILEROOT Remote File Inclusion Vulnerabilities ================================================================== Title : phpFFL 1.24 Remote File Inclusio...
phpFFL 1.24 - 'PHPFFL_FILE_ROOT' Remote File Inclusion
Title : phpFFL 1.24 Remote File Inclusion Vulnerability Title : phpFFL 1.24 Remote File Inclusion Vulnerability Author : Dj7xpl Contact : [email protected] Dawnload : http://sourceforge.net/project/showfiles.php?groupid=137531 Gr33tZ : Y! Underground Group , IrR57 , Mehrdad AliZade Vuln Code:...