251 matches found
phpnuke-admin.txt
Paste this code into an HTML page then link it to victim victim must be admin document.Faiuto.submit You are admin now ; Then you can log in into phpnuke with user HACKER and pass YOURPASSWORD...
Remote file inclusion
PHP remote file inclusion vulnerability in convert/mvcwconver.php in the Virtual War VWar module for PHPNuke-Clan PNC 4.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1602. NOTE: it is possible that this...
CVE-2007-4606
PHP remote file inclusion vulnerability in convert/mvcwconver.php in the Virtual War VWar module for PHPNuke-Clan PNC 4.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1602. NOTE: it is possible that this...
CVE-2007-4606
CVE-2007-4606 describes a PHP remote file inclusion in the Virtual War (VWar) module of PHPNuke-Clan (PNC) 4.2.0 and earlier. The vulnerability arises in convert/mvcw_conver.php where an attacker can cause arbitrary PHP code execution by supplying a crafted URL in the vwar_root parameter. The iss...
CVE-2007-4606
PHP remote file inclusion vulnerability in convert/mvcwconver.php in the Virtual War VWar module for PHPNuke-Clan PNC 4.2.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the vwarroot parameter, a different vector than CVE-2006-1602. NOTE: it is possible that this...
phpnukeclan-rfi.txt
'/ -.- --------------------------oOO------OOo------------------------- | PHPNuke-Clan = v4.2.0 mvcwconver.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------------------ ! Discovered: DNX ! Vendor: http://www.phpnuke-clan.net ! Detected: 11.08.2007 ...
PHPNuke-Clan <= 4.2.0 (mvcw_conver.php) RFI Vulnerability
No description provided by source. '/ -.- --------------------------oOO------OOo------------------------- | PHPNuke-Clan = v4.2.0 mvcwconver.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------------------ ! Discovered: DNX ! Vendor:...
PHPNuke-Clan 4.2.0 - mvcw_conver.php Remote File Inclusion
PHPNuke-Clan 4.2.0 - mvcwconver.php Remote File Inclusion '/ -.- --------------------------oOO------OOo------------------------- | PHPNuke-Clan = v4.2.0 mvcwconver.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------------------ ! Discovered: DNX !...
PHPNuke-Clan 4.2.0 - 'mvcw_conver.php' Remote File Inclusion
'/ -.- --------------------------oOO------OOo------------------------- | PHPNuke-Clan = v4.2.0 mvcwconver.php Remote File Inclusion | | coded by DNX | ------------------------------------------------------------------ ! Discovered: DNX ! Vendor: http://www.phpnuke-clan.net ! Detected: 11.08.2007 ...
PHPNuke-Clan <= 4.2.0 (mvcw_conver.php) RFI Vulnerability
Exploit for unknown platform in category web applications ========================================================= PHPNuke-Clan = 4.2.0 mvcwconver.php RFI Vulnerability ========================================================= '/ -.- --------------------------oOO------OOo------------------------...
Directory traversal
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. dot dot sequence in the name parameter in a modload action...
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. dot dot sequence in the name parameter in a modload action...
CVE-2007-3332
Directory traversal vulnerability in Satellite.php in Satel Lite for PhpNuke allows remote attackers to read arbitrary files via a .. dot dot sequence in the name parameter in a modload action...
CVE-2007-3332
The CVE-2007-3332 entry concerns a directory traversal in Satellite.php of Satel Lite for PhpNuke, allowing remote attackers to read arbitrary files via a .. sequence in the name parameter used by a modload action. Affected component: Satellite.php in Satel Lite for PhpNuke. Root cause: improper ...
waraxe-2007-SA-048.txt
waraxe-2007-SA048 - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke Author: Janek Vind "waraxe" Date: 13. April 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-48.html Target software description: VWar module for PhpNuke http://www.vwar.de/ VWar is a webbased...
[waraxe-2007-SA#048] - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke
waraxe-2007-SA048 - Multiple vulnerabilities in Virtual War 1.5 module for PhpNuke Author: Janek Vind "waraxe" Date: 13. April 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-48.html Target software description: VWar module for PhpNuke http://www.vwar.de/ VWar is a webbased...
Satel Lite for PhpNuke (Satellite.php) <= Local File Inclusion
+-------------------------------------------------------------------- + + Satel Lite for PhpNuke Satellite.php = Local File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: NUke Satel lite + Class .............: LoCal File Inclusion + Risk...
iFrame for Phpnuke (iframe.php) Remote File Inclusion Vulnerability
No description provided by source. iFRAME for PhpNuke iframe.php Remote File Include Vulnerabilities script :http://www.desarrollonuke.org http://up.9q9q.net/up/index.php?f=uTRRQnIjG file : iframe.php Dork : "/nuke/iframe.php" Found by & Contact : Cold z3ro , [email protected] ,...
iFrame for Phpnuke (iframe.php) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications =================================================================== iFrame for Phpnuke iframe.php Remote File Inclusion Vulnerability =================================================================== iFRAME for PhpNuke iframe.php Remote...
PHPNuke多个SQL注入及跨站脚本漏洞
1"body onload="alertdocument.cookie;当浏览器时,可导致敏感信息泄露。2、SQL注入漏洞"/modules/Search/index.php"中,由于对"instory"字段缺少充分过滤,提交恶意SQL命令,可更改原有SQL逻辑,导致修改数据库或获得敏感信息。 Francisco Burzi PHP-Nuke 7.3 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:http://www.phpnuke.org Janek Vind ([email protected])提供了如下测试方法:...