EUVD-2008-4117

Malware in sbrugna...

phpRealty 'view.php'远程文件包含漏洞

BUGTRAQ ID: 31213 CNCAN ID：CNCAN-2008091802 phpRealty是一款基于PHP的WEB应用程序。 phpRealty不正确处理用户提交的输入，远程攻击者可以利用漏洞以WEB进程权限执行任意PHP代码。 问题是'view.php'脚本对用户提交的WEB参数缺少过滤，提交远程服务器上的任意文件作为包含文件，可导致以WEB进程权限执行任意PHP代码。 phpRealty phpRealty 0.03 phpRealty phpRealty 0.02 升级到最新phpRealty 0.05版本： http://php-realty.com/...

CVE-2008-4134

PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter...

CVE-2008-4134

PHP remote file inclusion vulnerability in manager/static/view.php in phpRealty 0.03 and earlier, and possibly other versions before 0.05, allows remote attackers to execute arbitrary PHP code via a URL in the INC parameter...

CVE-2008-4134

The CVE-2008-4134 issue affects phpRealty 0.03 and earlier (and possibly other versions before 0.05). The root cause is a PHP remote file inclusion vulnerability in manager/static/view.php that lets an attacker supply a URL via the INC parameter to execute arbitrary PHP code on the server. The av...

phprealty-rfi.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- phpRealty D.O.M Labs - Security Researchers - www.domlabs.org vuln code: ------------- 11: if!isset$GET'propID' || !isnumeric$GET'propID' || empty$GET'propID' 13: return; 17: include$INC."currconv.class.php"; // -------- Vuln Line!! // t...

phpRealty 0.3 (INC) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================= phpRealty 0.3 INC Remote File Inclusion Vulnerability ======================================================= -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- phpRealty Vul...

phpRealty 0.3 - INC Remote File Inclusion

phpRealty 0.3 - INC Remote File Inclusion -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- phpRealty D.O.M Labs - Security Researchers - www.domlabs.org vuln code: ------------- 11: if!isset$GET'propID' || !isnumeric$GET'propID' || empty$GET'propID' 13: return; 17:...

phpRealty 0.3 (INC) Remote File Inclusion Vulnerability

No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- phpRealty = 0.03 INC Remote File Inclusion Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- $ Script: phpRealty $ Version: = 0.03 $ File affected: manager/static/view.php $...

phpRealty 0.3 - 'INC' Remote File Inclusion

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- phpRealty D.O.M Labs - Security Researchers - www.domlabs.org vuln code: ------------- 11: if!isset$GET'propID' || !isnumeric$GET'propID' || empty$GET'propID' 13: return; 17: include$INC."currconv.class.php"; // -------- Vuln Line!! // t...

Immunity Canvas: PHPREALTY_INCLUDE

Name| phprealtyinclude ---|--- CVE| CVE-2007-4834 Exploit Pack| CANVAS Description| PHPrealty Remote file inclusion Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: budissy.com CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4834 CVE Name: CVE-2007-4834...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in phpRealty 0.02 allow remote attackers to execute arbitrary PHP code via a URL in the MGR parameter to 1 index.php, 2 pins.php, and 3 uins.php in manager/admin/...

CVE-2007-4834

Multiple PHP remote file inclusion vulnerabilities in phpRealty 0.02 allow remote attackers to execute arbitrary PHP code via a URL in the MGR parameter to 1 index.php, 2 pins.php, and 3 uins.php in manager/admin/...

CVE-2007-4834

CVE-2007-4834 describes multiple PHP remote file inclusion vulnerabilities in phpRealty 0.02. The issue allows remote attackers to execute arbitrary PHP code by supplying a URL in the MGR parameter to the files under manager/admin/ (specifically index.php, p_ins.php, and u_ins.php). The root caus...

phpRealty 0.02 - MGR Multiple Remote File Inclusions

phpRealty 0.02 - MGR Multiple Remote File Inclusions |-------------------------------------------------------------------------------| | | | phpRealty 0.02 MGR Remote File include | | | | Script : phpRealty | | Version : 0.02 | | Authord : QTRinux | | Contact : Qataro at hotmail dot com | | Vendo...

phpRealty 0.02 (MGR) Multiple Remote File Inclusion Vulnerabilities

No description provided by source. |-------------------------------------------------------------------------------| | | | phpRealty 0.02 MGR Remote File include | | | | Script : phpRealty | | Version : 0.02 | | Authord : QTRinux | | Contact : Qataro at hotmail dot com | | Vendor :...

phpRealty 0.02 - 'MGR' Multiple Remote File Inclusions

|-------------------------------------------------------------------------------| | | | phpRealty 0.02 MGR Remote File include | | | | Script : phpRealty | | Version : 0.02 | | Authord : QTRinux | | Contact : Qataro at hotmail dot com | | Vendor : http://phprealty.budissy.com/phprealty/v0.02/ | |...

phpreality-rfi.txt

|-------------------------------------------------------------------------------| | | | phpRealty 0.02 MGR Remote File include | | | | Script : phpRealty | | Version : 0.02 | | Authord : QTRinux | | Contact : Qataro at hotmail dot com | | Vendor : http://phprealty.budissy.com/phprealty/v0.02/ | |...

phpRealty 0.02 (MGR) Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications =================================================================== phpRealty 0.02 MGR Multiple Remote File Inclusion Vulnerabilities ===================================================================...