68 matches found
EUVD-2008-3709
Malware in sbrugna...
EUVD-2008-3721
Malware in sbrugna...
EUVD-2008-0812
Malware in sbrugna...
EUVD-2008-3227
Malware in sbrugna...
EUVD-2008-2016
Malware in sbrugna...
PHPizabi 0.848b C1 HP3 'id' Parameter Local File Include Vulnerability
No description provided by source...
PHPizabi 0.848b C1 HFP1-3 - Remote Command Execution Exploit
No description provided by source. !/usr/bin/php ?php / Found this after getting my inet back and noticing this http://www.milw0rm.com/exploits/6085 . The only problem with the remote command execution there is that it actually requires registerglobals = on. I saw the GLOBAL keyword, and actually...
PHPizabi 0.8 'notepad_body' Parameter SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/34223/info PHPizabi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
PHPizabi 0.848b C1 HFP1-3 - Remote Arbitrary File Upload Exploit
No description provided by source. ?php / --------------------------------------------------------------- PHPizabi v0.848b C1 HFP1-3 Remote Arbitrary File Upload Exploit --------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
PHPizabi 0.848b C1 HFP3 - Database Information Disclosure Vuln
No description provided by source. -------------------------------------------------------- PHPizabi v0.848b C1 HFP3 database information exposure -------------------------------------------------------- I would like to state that I am in no way responsible for how this information is used. It is...
PHPizabi 0.848b - C1 HFP1 Remote Privilege Escalation Vulnerability
No description provided by source. -------------------------------------------------------------------------------- PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation php.ini independent by Nine:Situations:Group::bookoo...
PHPizabi v0.848b C1 HFP1 Reinstall Script Vulnerability
Exploit for php platform in category web applications ======================================================= PHPizabi v0.848b C1 HFP1 Reinstall Script Vulnerability ======================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 ...
PHPizabi 0.848b C1 HFP1-3 File Upload
date"U"-300 43. 44. fnc"laneMakeToken", "file", $GET"id", array 45. "user.username" = me"username", 46. "file" = "system/cache/temp/".$filename, 47. ; 48. PHPizabi is prone to a vulnerability that lets remote attackers to upload and execute arbitrary script code. The uploaded file is saved into...
PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload
PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload date"U"-300 43. 44. fnc"laneMakeToken", "file", $GET"id", array 45. "user.username" = me"username", 46. "file" = "system/cache/temp/".$filename, 47. ; 48. PHPizabi is prone to a vulnerability that lets remote attackers to upload and execute...
PHPizabi 0.848b Privilege Escalation
-------------------------------------------------------------------------------- PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation php.ini independent by Nine:Situations:Group::bookoo -------------------------------------------------------------------------------- our site:...
PHPizabi v0.848b C1 HFP1-3 Remote Arbitrary File Upload Exploit
Exploit for unknown platform in category web applications =============================================================== PHPizabi v0.848b C1 HFP1-3 Remote Arbitrary File Upload Exploit =============================================================== date"U"-300 43. 44. fnc"laneMakeToken", "file",...
PHPizabi notepad_body参数SQL注入漏洞
BUGTRAQ ID: 34223 PHPizabi是一款代码开源的在线交友、交流、婚介、商务合作系统。 PHPizabi的/theme/default/proc.inc.php模块中没有正确地验证用户所提交的notepadbody参数,远程攻击者可以通过提交恶意的查询请求执行SQL注入攻击。以下是有漏洞的代码段: ?php function bufferProcParse$buffer global $CONF; $tpl = new template; $tpl - LoadThis$buffer; // HANDLE POSTED NOTEPAD DATA \...
PHPizabi v0.848b C1 HFP1-3 Remote Arbitrary File Upload Exploit
No description provided by source. ?php / --------------------------------------------------------------- PHPizabi v0.848b C1 HFP1-3 Remote Arbitrary File Upload Exploit --------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
PHPizabi 0.848b C1 HFP1-3 - Arbitrary File Upload
date"U"-300 43. 44. fnc"laneMakeToken", "file", $GET"id", array 45. "user.username" = me"username", 46. "file" = "system/cache/temp/".$filename, 47. ; 48. PHPizabi is prone to a vulnerability that lets remote attackers to upload and execute arbitrary script code...
PHPizabi 0.8 - notepad_body SQL Injection
PHPizabi 0.8 - notepadbody SQL Injection source: https://www.securityfocus.com/bid/34223/info PHPizabi is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromi...