5 matches found
PPC Search Engine INC远程文件包含漏洞
PPC Search Engine是一款基于PHP的WEB应用程序。 PPC Search Engine不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是多个脚本对用户提交的'INC'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 PPC Search Engine 1.61 目前没有解决方案提供: http://www.hyper-scripts.com/demo/ppc...
CVE-2007-0167
CVE-2007-0167 concerns the WGS-PPC (PPC Search Engine) suite with multiple PHP file inclusion vulnerabilities. The NVD and related records describe that remote attackers can execute arbitrary PHP code by passing a URL in the INC parameter across multiple files and directories, including config_ad...
CVE-2007-0167
Multiple PHP file inclusion vulnerabilities in WGS-PPC aka PPC Search Engine, as distributed with other aliases, allow remote attackers to execute arbitrary PHP code via a URL in the INC parameter in 1 configadmin.php, 2 configmain.php, 3 configmember.php, and 4 mysqlconfig.php in config/; 5...
PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities
No description provided by source. ============================ HItamputih Crew ==================== hitamputih Advisory Discovered By : IbnuSina ----------------------------------------------------------- script demo: http://www.hyper-scripts.com/demo/ppc/ Risk : very danger Thanks To : all...
PPC Search Engine 1.61 (INC) Multiple Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ========================================================================= PPC Search Engine 1.61 INC Multiple Remote File Include Vulnerabilities =========================================================================...