25 matches found
EUVD-2012-6598
Malware in sbrugna...
CVE-2012-10037
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No...
CVE-2012-10037
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No...
CVE-2012-10037
PhpTax 0.8 is affected by a remote code execution in drawimage.php. The pfilez GET parameter is passed directly to exec() without sanitization, allowing an attacker to inject arbitrary shell commands and execute code in the web server context without authentication. Multiple sources (NVD, Red Hat...
CVE-2012-10037 PhpTax pfilez Parameter Exec Remote Code Injection
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez GET parameter is unsafely passed to the exec function without sanitization. A remote attacker can inject arbitrary shell commands, leading to code execution under the web server's context. No...
PT-2025-32550 · Phptax · Phptax
Name of the Vulnerable Software and Affected Versions: PhpTax version 0.8 Description: PhpTax version 0.8 contains a remote code execution issue in drawimage.php. The pfilez GET parameter is passed to the exec function without proper sanitization. This allows a remote attacker to inject arbitrary...
Sourceforge Phptax 安全漏洞
Sourceforge Phptax is an open source tax calculator from Sourceforge. A security vulnerability exists in Sourceforge Phptax version 0.8, which stems from the pfilez parameter being passed unvalidated directly to the exec function, which could lead to remote code execution...
PhpTax pfilez Parameter Exec Remote Code Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
PhpTax 0.8 - File Manipulation(newvalue,field) Remote Code Execution
No description provided by source. ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : PhpTax File...
PhpTax pfilez Remote Code Execution
A remote code execution vulnerability exits in PHPTax application...
PhpTax 0.8 Code Execution Vulnerability
PhpTax version 0.8 suffers from a file manipulation remote code execution vulnerability. ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / ...
PhpTax 0.8 Code Execution
,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : PhpTax File Manipulationnewvalue,field Remote Code...
PhpTax 0.8 - File Manipulation newvalue Remote Code Execution
PhpTax 0.8 - File Manipulation newvalue Remote Code Execution ,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit...
PhpTax 0.8 - File Manipulation 'newvalue' / Remote Code Execution
,--^----------,--------,-----,-------^--, | ||||||||| --------' | O .. CWH Underground Hacking Team .. +---------------------------^----------| ,-------, | / XXXXXX /| / / XXXXXX / \ / / XXXXXX /\ / XXXXXX / / XXXXXX / ------' Exploit Title : PhpTax File Manipulationnewvalue,field Remote Code...
phptax 0.8 <= Remote Code Execution Vulnerability
----------------------------------------------------- phptax 0.8 = Remote Code Execution Vulnerability ----------------------------------------------------- Discovered by: Jean Pascal Pereira [email protected] Vendor information: "PhpTax is free software to do your U.S. income taxes. Tested under...
PhpTax - 'pfilez' Execution Remote Code Injection (Metasploit)
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "PhpTax pfilez...
PhpTax 0.8 'drawimage.php' Remote Arbitrary Command Execution Vulnerability
PhpTax is prone to a remote arbitrary command execution vulnerability because it fails to properly validate user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
PhpTax pfilez Parameter Exec Remote Code Injection
Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
PhpTax pfilez Parameter Exec Remote Code Injection
This module exploits a vulnerability found in PhpTax, an income tax report generator. When generating a PDF, the icondrawpng function in drawimage.php does not properly handle the pfilez parameter, which will be used in an exec statement, and then results in arbitrary remote code execution under...
PhpTax pfilez Parameter Exec Remote Code Injection
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "PhpTax pfilez...