Lucene search
K

36 matches found

seebug.org
seebug.org
added 2006/12/06 12:0 a.m.15 views

PHPGraphy 0.9.12 Zend_Hash_Del_Key_Or_Index privilege escalation

No description provided by source. ?php printr' --------------------------------------------------------------------------- PHPGraphy 0.9.12 ZendHashDelKeyOrIndex/privilege escalation/ /remote command execution exploit by rgod dork: intext:"This site is using phpGraphy" | intitle:"my phpgraphy...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/12/01 12:0 a.m.42 views

PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- PHPGraphy 0.9.12 ZendHashDelKeyOrIndex/privilege escalation/ /remote command execution exploit by rgod dork: intext:"This site is using phpGraphy" | intitle:"my phpgraphy...

7.1AI score
Exploits0
0day.today
0day.today
added 2006/11/30 12:0 a.m.55 views

PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit

Exploit for unknown platform in category web applications ================================================================== PHPGraphy 0.9.12 Privilege Escalation / Commands Execution Exploit ================================================================== 126 $result.=" .";...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/11/30 12:0 a.m.23 views

phpGraphy 0.9.12 - Privilege Escalation Commands Execution

phpGraphy 0.9.12 - Privilege Escalation Commands Execution 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if...

0.9AI score
Exploits0
Exploit DB
Exploit DB
added 2006/11/30 12:0 a.m.35 views

phpGraphy 0.9.12 - Privilege Escalation / Commands Execution

126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $cont==15...

7.4AI score
Exploits0
NVD
NVD
added 2006/04/20 10:2 a.m.12 views

CVE-2006-1888

phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are...

6.8CVSS6.3AI score0.02169EPSS
Exploits1References9
Prion
Prion
added 2006/04/20 10:2 a.m.13 views

Authentication flaw

phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are...

6.8CVSS6.8AI score0.02169EPSS
Exploits1References9Affected Software1
CVE
CVE
added 2006/04/20 10:0 a.m.43 views

CVE-2006-1888

phpGraphy 0.9.11 and earlier has an authentication bypass vulnerability that can be triggered by directly requesting index.php with editwelcome=1, allowing an attacker to modify the main page and inject arbitrary HTML/script. This is described as enabling the attacker to gain administrator privil...

6.8CVSS6.3AI score0.02169EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2006/04/20 10:0 a.m.16 views

CVE-2006-1888

phpGraphy 0.9.11 and earlier allows remote attackers to bypass authentication and gain administrator privileges via a direct request to index.php with the editwelcome parameter set to 1, which can then be used to modify the main page to inject arbitrary HTML and web script. NOTE: XSS attacks are...

6.3AI score0.02169EPSS
Exploits1References9
securityvulns
securityvulns
added 2006/04/17 12:0 a.m.34 views

- PHPGraphy <= 0.9.11 "editwelcome" unauthorized access / cross site scripting -

PHPGraphy = 0.9.11 "editwelcome" unauthorized access / cross site scripting - -------------------------------- software site: http://phpgraphy.sourceforge.net/ description: "Full featured photo gallery PHP script - Light, fast and easy to install" vulnerable code index.php near line 503-10:...

0.4AI score
Exploits0
NVD
NVD
added 2005/08/30 11:45 a.m.14 views

CVE-2005-2735

Cross-site scripting XSS vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...

4.3CVSS5.7AI score0.0197EPSS
Exploits0References6
CVE
CVE
added 2005/08/29 4:0 a.m.51 views

CVE-2005-2735

CVE-2005-2735 describes a cross-site scripting (XSS) vulnerability in phpGraphy 0.9.9a and earlier . The flaw allows remote attackers to inject arbitrary web script or HTML via EXIF data (e.g., Camera Model Tag) . Documented impact indicates that the vulnerability can be triggered through crafted...

4.3CVSS5.7AI score0.0197EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2005/08/29 4:0 a.m.17 views

CVE-2005-2735

Cross-site scripting XSS vulnerability in phpGraphy 0.9.9a and earlier allows remote attackers to inject arbitrary web script or HTML via EXIF data, such as the Camera Model Tag...

5.7AI score0.0197EPSS
Exploits0References6
securityvulns
securityvulns
added 2005/08/28 12:0 a.m.36 views

Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities

Multiple PHP Images Galleries EXIF Metadata XSS Vulnerabilities Summary : A large majority of PHP Images Gallery Technologies now handle the Exchangeable Image File EXIF header of jpeg files. The Exchangeable Image File EXIF format is an international specification that lets imaging companies...

5.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/08/27 12:0 a.m.30 views

phpGraphy EXIF Data XSS

The remote host is running phpGraphy, a web-based photo album. According to its banner, the version of phpGraphy installed on the remote host is prone to script insertion attacks because it does not sanitize malicious EXIF data stored in image files. Using a specially crafted image file, an...

4.3CVSS6AI score0.0197EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/08/26 12:0 a.m.29 views

[SA16595] phpGraphy EXIF Data Script Insertion Vulnerability

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

0.2AI score
Exploits0
Rows per page
Query Builder