Atmail Email Server Appliance 6.4 Stored XSS - CSRF - RCE

Exploit for linux platform in category remote exploits Exploit Title: Atmail Email Server Appliance 6.4 Remote Code Execution Date: Jul 21 2012 Author: muts Version: Atmail Email Server 6.4 By sending an email to a user with the Atmail administrative interface open, we can call a remote JavaScrip...

CVE-2007-6683

The browser plugin in VideoLAN VLC 0.8.6d allows remote attackers to overwrite arbitrary files via 1 the :demuxdump-file option in a filename in a playlist, or 2 a EXTVLCOPT statement in an MP3 file, possibly an argument injection vulnerability...

CVE-2007-1987

Multiple PHP remote file inclusion vulnerabilities in PHPEcho CMS 2.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 pluginfile parameter to smarty/internals/core.loadpulgins.php or the 2 rootpath parameter to index.php. NOTE: CVE disputes 1 because the inclusion occurs...

PT-2007-3332 · Phpecho · Phpecho Cms

Name of the Vulnerable Software and Affected Versions: PHPEcho CMS version 2.0 Description: The issue allows remote attackers to potentially execute arbitrary PHP code. This is achieved via a URL in the plugin file parameter to "smarty/internals/core.load pulgins.php" or the root path parameter t...

DEBIAN-CVE-2005-4463

WordPress before 1.5.2 allows remote attackers to obtain sensitive information via a direct request to 1 wp-includes/vars.php, 2 wp-content/plugins/hello.php, 3 wp-admin/upgrade-functions.php, 4 wp-admin/edit-form.php, 5 wp-settings.php, and 6 wp-admin/edit-form-comment.php, which leaks the path ...