pMachine 1.0/2.x Multiple Script sfx Parameter Path Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/7980/info It has been reported that pMachine is prone to remote a patch disclosure vulnerability when accessing various scripts. When a request is made for a target PHP script, possibly requiring a blank URI parameter,...

pmachineExec.txt

This is a multi-part message in MIME format. ------=NextPart000000001C516AC.9C269F50 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit pMachine Pro / pMachine Free Remote Code Execution vendor website: http://www.pmachine.com I. BACKGROUND PMachine is one of the most...

[Full-Disclosure] pMachine Pro / pMachine Free Remote Code Execution

pMachine Pro / pMachine Free Remote Code Execution vendor website: http://www.pmachine.com I. BACKGROUND PMachine is one of the most flexible & creative on-line publishing tools available. With PMachine you can publish any kind of web content - from a basic weblog to an advanced, interactive...

pMachine 1.02.x - lib Multiple Script Direct Request Full Path Disclosures

pMachine 1.02.x - lib Multiple Script Direct Request Full Path Disclosures source: https://www.securityfocus.com/bid/7980/info It has been reported that pMachine is prone to remote a patch disclosure vulnerability when accessing various scripts. When a request is made for a target PHP script,...

pMachine 1.0/2.x - '/lib/' Multiple Script Direct Request Full Path Disclosures

source: https://www.securityfocus.com/bid/7980/info It has been reported that pMachine is prone to remote a patch disclosure vulnerability when accessing various scripts. When a request is made for a target PHP script, possibly requiring a blank URI parameter, pMachine is said to throw an...

pMachine 1.02.x - Multiple Script sfx Full Path Disclosures

pMachine 1.02.x - Multiple Script sfx Full Path Disclosures source: https://www.securityfocus.com/bid/7980/info It has been reported that pMachine is prone to remote a patch disclosure vulnerability when accessing various scripts. When a request is made for a target PHP script, possibly requiring...

pMachine 1.0/2.x - Search Module Cross-Site Scripting

source: https://www.securityfocus.com/bid/7981/info Reportedly, pMachine is vulnerable to a cross-site scripting attack. The vulnerability is present in the search module. The issue presents itself likely due to insufficient sanitization performed on user-supplied data that is passed as the query...

pMachine lib.inc.php pm_path Parameter Remote File Inclusion

It is possible to make the remote host include PHP files hosted on a third-party server using the pmachine CGI suite which is installed. An attacker may use this flaw to inject arbitrary code in the remote host and gain a shell with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable...

PMachine 2.2.1 - Lib.Inc.php Remote File Inclusion Command Execution

PMachine 2.2.1 - Lib.Inc.php Remote File Inclusion Command Execution source: https://www.securityfocus.com/bid/7919/info It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands...

PMachine 2.2.1 - '/Lib.Inc.php' Remote File Inclusion / Command Execution

source: https://www.securityfocus.com/bid/7919/info It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands...

PMachine Lib.Inc.PHP Remote Include Command Execution Vulnerability

Description It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands. Technologies Affected PMachine PMachine 2.2.1 Recommendations Block external access at the network boundary, unles...