CVE-2008-6771

CVE-2008-6771 affects YourPlace 1.0.2 and earlier, where a direct request to user/uploads/phpinfo.php invokes phpinfo and exposes sensitive system information. The document set confirms the affected product/version and the underlying cause (calling phpinfo). No explicit remediation is documented ...

CVE-2008-6771

YourPlace 1.0.2 and earlier allows remote attackers to obtain sensitive system information via a direct request via a direct request to user/uploads/phpinfo.php, which calls the phpinfo function...

Facil-CMS 0.1RC2 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ================================================ Facil-CMS 0.1RC2 Multiple Remote Vulnerabilities ================================================ Script Facil-CMS 0.1RC2 +download:...

Facil-CMS 0.1RC2 - Multiple Vulnerabilities

Script Facil-CMS 0.1RC2 +download: http://sourceforge.net/project/platformdownload.php?groupid=217673 DORK inurl:modules.php?modload=News Copyright C 2008 by FacilCMS.org inurl: /facil-cms/ Author any.zicky Contact Me anydotzickyatgmaildotcom ; About Facil CMS is a Free and Open Source Project fo...

Kim Websites 1.0 Download Backup / Info Disclosure

Kim Websites 1.0 Download Backup/PHPInfo Disclosure + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Download Backup - Go to backup folder.No restricting index or htaccess : http://127.0.0.1/path/admin/backups/ PoC : http://127.0.0.1/path/admin/backups/mysqlbeurstip20Nov2006.SQL +...

phpinfo cross-site scripting vulnerability-vulnerability warning-the black bar safety net

Vulnerability description: php is a widely used programming language, can be nested in the html with a to do web app development. phpinfois used to display the current php environment is a function of many site and program will phpinfo on your own site or on a program, but phpinfo in the presence...

Information disclosure

Content Management Made Easy CMME 1.19 allows remote attackers to obtain system information via a direct request to info.php, which invokes the phpinfo function...

CVE-2008-6159

Content Management Made Easy CMME 1.19 allows remote attackers to obtain system information via a direct request to info.php, which invokes the phpinfo function...

CVE-2008-6159

Content Management Made Easy (CMME) 1.19 is affected by an information disclosure vulnerability where a direct request to info.php invokes phpinfo, allowing remote attackers to obtain system information. The flaw is triggered by accessing the info.php entry point, and the underlying cause is the ...

CVE-2009-0453

Online Grades 3.2.4 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

CVE-2009-0453

Online Grades 3.2.4 allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function...

CVE-2009-0453

CVE-2009-0453 affects Online Grades 3.2.4. The vulnerability allows remote attackers to disclose configuration information by requesting phpinfo.php, which invokes phpinfo(). The root cause is exposure of PHP configuration via the phpinfo output. Documented impact is information disclosure (parti...

Online Grades 3.2.4 SQL Injection

0x01 Informations: Script : Online Grades 3.2.4 Download : http://www.onlinegrades.org Vulnerability : Auth Bypass - Php Info Disclosure Author : x0r Contact : [email protected] \ [email protected] Website : NULL 0x02 Bug: /parents/login.php $username = $POST'uname'; $pword = $POST'pass'; $mysqlquer...

GNUBoard 4.31.03 (08.12.29) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================== GNUBoard 4.31.03 08.12.29 Local File Inclusion Vulnerability ============================================================== GNUBoard V4.31.03 08.12.29 Local/Remote File Include...

PHP a the EVAL-vulnerability warning-the black bar safety net

Source: php, eval's BLOG Author: phpeval Some time ago a program out of the question. And this almost. 1. For the above code. If the URL submitted http://www. phpeval. cn/test. php? c=phpinfo; it can be found in phpinfois executed. And the corresponding submission of c=echo 1 1 1 1 1; found 1 1 1...

YourPlace <= 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit

Exploit for unknown platform in category web applications ================================================================ YourPlace = 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit ================================================================ START 0x01 Informations: Script : YourPlace 0...

yourplace 1.0.2 - Multiple Vulnerabilities Remote Code Execution

yourplace 1.0.2 - Multiple Vulnerabilities Remote Code Execution START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo...

YourPlace &lt;= 1.0.2 Multiple Remote Vulnerabilities + RCE Exploit

No description provided by source. START 0x01 Informations: Script : YourPlace 0.5 beta 1 Download : http://www.hotscripts.com/jump.php?listingid=80545&jumptype=1 Vulnerability : DB Disclosure / Arbitrary Data Saving RCE EXPLOIT / Arbitrary File Upload / PHPInfo Disclosure / User Change Account...

CVE-2008-5322

Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function...

Code injection

Wysi Wiki Wyg 1.0 allows remote attackers to obtain system information via an invalid categup parameter to index.php, which calls the phpinfo function...