60 matches found
EUVD-2011-3744
Malware in sbrugna...
EUVD-2004-2460
Malware in sbrugna...
EUVD-2008-3256
Malware in sbrugna...
EUVD-2009-0817
Malware in sbrugna...
EUVD-2004-1645
Malware in sbrugna...
EUVD-2004-1646
Malware in sbrugna...
CVE-2011-3787
phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files...
CVE-2009-0820
Multiple eval injection vulnerabilities in phpScheduleIt before 1.2.11 allow remote attackers to execute arbitrary code via 1 the enddate parameter to reserve.php and 2 the startdate and enddate parameters to check.php. NOTE: the startdate/reserve.php vector is already covered by CVE-2008-6132...
CVE-2019-9581
phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...
Default credentials
phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...
phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
No description provided by source. $Id: phpscheduleitstartdate.rb 14073 2011-10-26 18:06:12Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...
phpScheduleIt <= 1.2.10 (reserve.php) Remote Code Execution Exploit
No description provided by source. ?php / ------------------------------------------------------------------- phpScheduleIt = 1.2.10 reserve.php Remote Code Execution Exploit ------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom...
phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
$Id: phpscheduleitstartdate.rb 14073 2011-10-26 18:06:12Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
phpScheduleIt PHP reserve.php start_date Parameter Arbitrary Code Injection
This module exploits an arbitrary PHP code execution flaw in the phpScheduleIt software. This vulnerability is only exploitable when the magicquotesgpc PHP option is 'off'. Authentication is not required to exploit the bug. Version 1.2.10 and earlier of phpScheduleIt are affected. This module...
phpScheduleIt 1.2.10 - 'reserve.php' Arbitrary Code Injection (Metasploit)
$Id: phpscheduleitstartdate.rb 14073 2011-10-26 18:06:12Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
CVE-2011-3787
phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files...
Information disclosure
phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files...
CVE-2011-3787
phpScheduleIt 1.2.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/schedule.template.php and certain other files...
CVE-2011-3787
CVE-2011-3787 affects phpScheduleIt 1.2.12. An information-disclosure flaw exists where remote attackers can obtain sensitive data by requesting a .php file directly, with the installation path leaked in an error message (demonstrated by templates/schedule.template.php and related files). The vul...
phpScheduleIt 1.2.12 Cross Site Scripting
Vulnerability ID: HTB22987 Reference: http://www.htbridge.ch/advisory/multiplexssinphpscheduleit.html Product: phpScheduleIt Vendor: php.brickhost.com Vulnerable Version: 1.2.12 Vendor Notification: 05 May 2011 Vulnerability Type: XSS Cross Site Scripting Risk level: Medium Credit: High-Tech Brid...