CVE-2009-1502

CVE-2009-1502 affects S-Cms versions 1.1 Stable and 1.5.2, where the plugin.php page parameter is vulnerable to directory traversal, allowing remote attackers to include and execute arbitrary local files. The vulnerability stems from improper handling of directory traversal sequences, enabling un...

S-CMS version 1.1 suffers from a local file inclusion vulnerability in plugin.php

s-cms/plugin.php code: $page=$GET'page'; error 1 $sqlselectplugincase= mysqlquery"SELECT FROM ".$prefix."plugins WHERE active = '1' AND file='$page'"; if $sqlselectplugincase include "plugins/$page"; error 2 S-CMS version 1.1 暂无 yildirimordulari.com/s-cms/plugin.php?page=File for demo:...

S-Cms 1.1 Stable (page) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ========================================================== S-Cms 1.1 Stable page Local File Inclusion Vulnerability ========================================================== S-Cms 1.1 Stable page LFi...

bigace-rfi.txt

/ \ @ /|\ /|\ |-| / | \ /|/\ / | \ @ | |--------------------/--|-voV---|'/--Vov-|-----------------------|-| |-| '^ o o '^ | | | | \Y/' |-| |-| | | | | -=ShAd0w-CrEw=- |-| |-| | | | | |-| ||| | @ l /\ / \ /\ l |-| l / V \ \ V \ l @ l/ \I \ /' ---------------------------------------------- GrEeTs...

Txx CMS 0.2 - Multiple Remote File Inclusions

:::::::::::::::::::::::::::::::::::::::::::::::::::....................... ::| \ | | \ | | / | ::| | | | | | | | ::| . | |/ / \ | . |/ | ' \ / \ | | | '/ \ \ /\ / / ::| |\ | | | / | |\ | | | | | | | | / | || | | /\ V V / ::|| ||\| || |,|| || ||| || | // :::::::::::::::::::::::::::::We...

Sql injection

Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the 1 getlang and 2 reporeid parameter in a index.php, 3 menuid parameter in b plugin.php and c forumthread.php, and 4 msgid parameter in forumthread.php...

CVE-2006-1766

Multiple SQL injection vulnerabilities in Papoo 2.1.5, and 3 beta1 and earlier, allow remote attackers to execute arbitrary SQL commands via the 1 getlang and 2 reporeid parameter in a index.php, 3 menuid parameter in b plugin.php and c forumthread.php, and 4 msgid parameter in forumthread.php...

Papoo Multiple SQL vuln.

Papoo Multiple SQL vuln. Vuln. discovered by : r0t Date: 10 april 2006 vendor:http://www.papoo.de/ affected versions: 2.1.5 & 3 beta1 and previous Vuln. description: Papoo contains a flaw that allows a remote sql injection attacks.Inputpassed to the "getlang","reporeid" parameters in " index.php"...