36 matches found
PHPGraphy 0.9.12 Zend_Hash_Del_Key_Or_Index privilege escalation
No description provided by source. ?php printr' --------------------------------------------------------------------------- PHPGraphy 0.9.12 ZendHashDelKeyOrIndex/privilege escalation/ /remote command execution exploit by rgod dork: intext:"This site is using phpGraphy" | intitle:"my phpgraphy...
PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit
No description provided by source. ?php printr' --------------------------------------------------------------------------- PHPGraphy 0.9.12 ZendHashDelKeyOrIndex/privilege escalation/ /remote command execution exploit by rgod dork: intext:"This site is using phpGraphy" | intitle:"my phpgraphy...
PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit
Exploit for unknown platform in category web applications. PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit 126 $result.=" .";...
phpGraphy 0.9.12 - Privilege Escalation Commands Execution
phpGraphy 0.9.12 - Privilege Escalation Commands Execution 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if...
phpGraphy 0.9.12 - Privilege Escalation / Commands Execution
126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15...
CVE-2006-1888
phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are...
Authentication flaw
phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are...
CVE-2006-1888
phpGraphy 0.9.11 and earlier has an authentication bypass vulnerability that can be triggered by directly requesting index.php with editwelcome=1, allowing an attacker to modify the main page and inject arbitrary HTML/script. This is described as enabling the attacker to gain administrator privil...
CVE-2006-1888
phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are...
- PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting -
PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting - software site: http://phpgraphy.sourceforge.net/ description: "Full featured photo gallery PHP script - Light, fast and easy to install" vulnerable code index.php near line 503-10:...
CVE-2005-2735
Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...
CVE-2005-2735
CVE-2005-2735 describes a cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier. The flaw allows remote attackers to inject arbitrary web script or HTML via EXIF data (e.g., Camera Model Tag). Documented impact indicates that the vulnerability can be triggered through crafted...
CVE-2005-2735
Cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...
Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities
Summary: A large majority of PHP Images Gallery Technologies now handle the Exchangeable Image File (EXIF) header of JPEG files. The Exchangeable Image File (EXIF) format is an international specification that lets imaging companies...
phpGraphy EXIF Data XSS
The remote host is running phpGraphy, a web-based photo album. According to its banner, the version of phpGraphy installed on the remote host is prone to script insertion attacks because it does not sanitize malicious EXIF data stored in image files. Using a specially crafted image file, an...
[SA16595] phpGraphy EXIF Data Script Insertion Vulnerability
Are you interested in a new job in IT security? Secunia has two open positions as Junior and Senior Specialist in IT security: http://secunia.com/secuniavacancies/...