CVE-2012-1920

@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...

Information disclosure

@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...

CVE-2012-1920

The CVE-2012-1920 issue affects the @Mail WebMail Client in AtMail Open-Source 1.04 and earlier. A remote attacker can obtain configuration information by issuing a direct request to install/info.php, which calls phpinfo. This is an information-disclosure vulnerability in the WebMail component. T...

CVE-2012-1920

@Mail WebMail Client in AtMail Open-Source 1.04 and earlier allows remote attackers to obtain configuration information via a direct request to install/info.php, which calls the phpinfo function...

EPractize Labs Subscription Manager 'showImg.php' PHP Code Injection Vulnerability

EPractize Labs Subscription Manager is prone to a remote PHP code- injection vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Parsp Shopping CMS Cross Site Scripting / Information Disclosure

Exploit Title: Parsp Shopping CMS V5 Multiple Vulnerability Date: 2012-01-22 GMT +7 Author: BHG Security Center Software Link: http://www.parsp.com/ Vendor Responses: They didn't respond to the emails. Dork: intext:"powered by www.parsp.com V5" Version : 5 Tested on: ubuntu 11.04 CVE : - Finders:...

Parsp Shopping CMS [V5] Multiple Vulnerability

Exploit for php platform in category web applications Exploit Title: Parsp Shopping CMS V5 Multiple Vulnerability Date: 2012-01-22 GMT +7 Author: BHG Security Center Software Link: http://www.parsp.com/ Vendor Responses: They didn't respond to the emails. Dork: intext:"powered by www.parsp.com V5...

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities

PHP Photo Album 0.4.1.16 - Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- PHP Photo Album = 0.4.1.16 Multiple Disclosure Vulnerabilities ---------------------------------------------------------------- Exploit Title: PHP Photo Album = 0.4.1.16...

CVE-2011-3580

IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function...

Star Develop Live Help 2.0 Disclosure / Bypass

================================================ Star Develop Live Help v2.0 Mullti Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=0 0 . .--. .--. .---. . 1 1 .'| / | 0 0 | --: --: / .-.| .-. . . 1 1 | / | | | 0 0 '---' --' --'...

Slaed CMS Code Execution

Exploit Title: Slaed CMS Code exec Google Dork: "Powered by SLAED CMS" Date: 03.05.2011 Author: brainpillow Software Link: http://slaed.net/ Version: OpenSlaed 1.2 free, Slaed CMS = 4. On different versions of this software next vulnerabilities are availible:...

Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability

This host is running Andy's PHP Knowledgebase and is prone to remote PHP code execution vulnerability. OpenVAS Vulnerability Test $Id: secpodaphpkbcodeexecvuln.nasl 5840 2017-04-03 12:02:24Z cfi $ Andy's PHP Knowledgebase 'step5.php' Remote PHP Code Execution Vulnerability Authors: Sooraj KS...

Joomla! Component com_xcloner-backupandrestore - Remote Command Execution

!/usr/bin/python Joomla component comxcloner-backupandrestore remote code execution exploit Vendor: http://www.xcloner.com/ "Our true divinity is in our ability to create. And armed with the understanding of the symbiotic connections of life, while being guided by the emergent nature of reality,...

PHPFastScanner - многопоточный Reverse-IP сканнер на PHP

Актуальная версия: 3.2 26.11.2011 Сканер создан для выполнения всей рутиной работы при взломе через Reverse-IP. Основные возможности: Анализ соседей целевого сайта по Reverse-IP Определение используемых движков в базе 68 сигнатур Возможность добавлять свои сигнатуры движков в общую базу см. FAQ...

Debian DSA-2139-1 : phpmyadmin - several vulnerabilities

Several vulnerabilities have been discovered in phpMyAdmin, a tool to administer MySQL over the web. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-4329 Cross site scripting was possible in search, that allowed a remote attacker to inject arbitrary...

[SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-2139-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst December 31, 2010 http://www.debian.org/security/faq -...

DSA-2139-1 phpmyadmin - several

Bulletin has no description...

CVE-2010-4481

phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function...

Possible information disclosure.

PMASA-2010-10 Announcement-ID: PMASA-2010-10 Date: 2010-12-07 Updated: 2010-02-16 Summary Possible information disclosure. Description Unauthenticated user was able to display phpinfo output if phpMyAdmin was enabled to show it. Severity The issue is considered minor, because this feature is not...

CVE-2008-7268

The phpinfo function in SiteEngine 5.x allows remote attackers to obtain system information by setting the action parameter to phpinfo in misc.php...