CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

182 matches found

myhack58•added 2011/04/26 12:0 a.m.•23 views

PHP code execution vulnerability references summary-vulnerability warning-the black bar safety net

A code execution function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec and passthru and escapeshellcmd and pcntlexec , etc. demo code 1.1: The second file contains the code injection The file containing the function in the specific...

Exploits0

Packet Storm•added 2011/01/01 12:0 a.m.•62 views

KLINK SQL Injection

Andr�s G�mez Exploit Title : KLINK Sql Injection Vulnerability Date : 2010-12-31 Author : Andr�s G�mez Software Developed by : http://www.contacto.com Contact : [email protected] Dork : "allinurl:.php?txtCodiInfo=" An attacker may execute arbitrary SQL statements on the vulnerable system...

Exploits0

Exploit DB•added 2011/01/01 12:0 a.m.•93 views

KLINK - SQL Injection

7AI score

Exploits0

myhack58•added 2010/07/27 12:0 a.m.•605 views

PHP code execution vulnerability summary-vulnerability warning-the black bar safety net

PHP security lovers of the feastthe Month of PHP Security it. Read php-security on many of the cattle below, to issue to the shared under a., are idols wow. A code to perform the function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec...

9AI score

Exploits0

myhack58•added 2010/06/30 12:0 a.m.•34 views

PHP code execution vulnerability-summary-vulnerability warning-the black bar safety net

Reference from:http://php-security.org/2010/05/20/mops-submission-07-our-dynamic-php/index.html A code execution function In PHP you can execute the Code of the function. Such as eval , assert , theand system and exec and shellexec and passthru and escapeshellcmd and pcntlexec , etc. demo code 1....

8.9AI score

Exploits0

Packet Storm•added 2009/12/31 12:0 a.m.•54 views

phpBB viewtopic.php Arbitrary Code Execution

$Id: phpbbhighlight.rb 7724 2009-12-06 05:50:37Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework...

7.5CVSS0.4AI score0.86512EPSS

Exploits17

Packet Storm•added 2009/09/04 12:0 a.m.•18 views

Zeroboard 4.1 pl7 Code Execution

/ poc by kyoungchip,jang email : [email protected] the bug - http://www.xpressengine.com/15955761 Application - Zeroboard 4.1 pl7 Reference: - http://www.nzeo.com - Zeroboard pregreplace vulnerability Remote nobody exploit by n0gada Target - My test server $ ./zbexpl...

Exploits0

exploitpack•added 2009/09/04 12:0 a.m.•16 views

ZeroBoard 4.1 pl7 - now_connect() Remote Code Execution

ZeroBoard 4.1 pl7 - nowconnect Remote Code Execution / poc by kyoungchip,jang email : [email protected] the bug - http://www.xpressengine.com/15955761 Application - Zeroboard 4.1 pl7 Reference: - http://www.nzeo.com - Zeroboard pregreplace vulnerability Remote nobody exploit by n0gada Targe...

Exploits0

Packet Storm•added 2009/05/08 12:0 a.m.•15 views

PHP Evaluation Replacement String

mberegireplace evaluate replacement string vulnerability by ryatwww.80vul.com when option parameter set e, matchs not be escaped. ex: phpinfo will be evaluated. mberegreplace if replacelen - i = 2 && fwd == 1 && p0 == '\' && p1 = '0' && p1 = 0 && n numregs if regs-begn = 0 && regs-begn endn &&...

0.1AI score

Exploits0

seebug.org•added 2009/05/08 12:0 a.m.•19 views

PHP mb_ereg(i)_replace() Evaluate Replacement String Vulnerability

No description provided by source. mberegireplace evaluate replacement string vulnerability by ryatwww.80vul.com when option parameter set e, matchs not be escaped. ex: ?php function hi80vul $str = '', phpinfo, ''; mberegreplace'^.$', 'hi80vul'\1'', $str, 'e'; ? phpinfo will be evaluated...

7.1AI score

Exploits0

0day.today•added 2009/05/07 12:0 a.m.•12 views

PHP mb_ereg(i)_replace() Evaluate Replacement String Vulnerability

Exploit for multiple platform in category local exploits ================================================================== PHP mberegireplace Evaluate Replacement String Vulnerability ================================================================== mberegireplace evaluate replacement string...

6.9AI score

Exploits0

exploitpack•added 2009/05/07 12:0 a.m.•16 views

PHP - mb_ereg(i)_replace() Evaluate Replacement String

PHP - mberegireplace Evaluate Replacement String mberegireplace evaluate replacement string vulnerability by ryatwww.80vul.com when option parameter set e, matchs not be escaped. ex: phpinfo will be evaluated. mberegreplace if replacelen - i = 2 && fwd == 1 && p0 == '\' && p1 = '0' && p1 = 0 && n...

0.1AI score

Exploits0

Exploit DB•added 2009/05/07 12:0 a.m.•30 views

PHP - 'mb_ereg(i)_replace()' Evaluate Replacement String

7.4AI score

Exploits0

Packet Storm•added 2009/03/25 12:0 a.m.•200 views

PHPizabi 0.848b Privilege Escalation

-------------------------------------------------------------------------------- PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation php.ini independent by Nine:Situations:Group::bookoo -------------------------------------------------------------------------------- our site:...

0.8AI score

Exploits0

0day.today•added 2009/03/24 12:0 a.m.•307 views

PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability

Exploit for unknown platform in category web applications ================================================================== PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability ==================================================================...

7.1AI score

Exploits0

seebug.org•added 2009/03/24 12:0 a.m.•100 views

PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability

No description provided by source. -------------------------------------------------------------------------------- PHPizabi v0.848b C1 HFP1 proc.inc.php remote privilege escalation php.ini independent by Nine:Situations:Group::bookoo...

7.1AI score

Exploits0

Prion•added 2009/02/22 10:30 p.m.•10 views

Code injection

avatarlist.php in the Your Account module, reached through modules.php, in Raven Web Services RavenNuke 2.30 allows remote authenticated users to execute arbitrary code via PHP sequences in an element of the replacements array, which is processed by the pregreplace function with the eval switch, ...

6.5CVSS7.9AI score0.16867EPSS

Exploits0References8Affected Software1

Prion•added 2009/01/21 2:30 a.m.•11 views

Code injection

The createanchors function in utils.inc in WebSVN 1.x allows remote attackers to execute arbitrary PHP code via a crafted username that is processed by the pregreplace function with the eval switch...

7.5CVSS8AI score0.04272EPSS

Exploits1References5Affected Software1