CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

PT-2007-4304 · Php · Php

Name of the Vulnerable Software and Affected Versions: PHP versions prior to 5.2.3 Description: The issue allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. This might also involve the realpath function...

Beryo 2.0(downloadpic.php chemin)Remote File Disclosure Vulnerability

Beryo 2.0downloadpic.php cheminRemote File Disclosure Vulnerability D.Script: http://www.xrousse.org/shared/beryo-2.0.tar.gz Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code: readfile"$chemin";...

Beryo 2.0 - downloadpic.php?chemin Remote File Disclosure

Beryo 2.0 - downloadpic.php?chemin Remote File Disclosure Beryo 2.0downloadpic.php cheminRemote File Disclosure Vulnerability D.Script: http://www.xrousse.org/shared/beryo-2.0.tar.gz Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay...

Beryo 2.0 - 'downloadpic.php?chemin' Remote File Disclosure

Beryo 2.0downloadpic.php cheminRemote File Disclosure Vulnerability D.Script: http://www.xrousse.org/shared/beryo-2.0.tar.gz Discovered by: GolDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code: readfile"$chemin";...

readfile() Safe Mode Bypass PHP 5.2.1/ 5.1.6 / 4.4.4

SecurityRisk : DEN Remote Exploit : No Local Exploit : Yes Exploit Given : Yes Credit : The-WolF-kSA Date : 24.3.2007 Affected Software : PHP 5.2.1/ 5.1.6 / 4.4.4 readfile Safe Mode Bypass PHP 5.2.1/ 5.1.6 / 4.4.4 Author: ThE-WoLf-KsA Date: - -Written: 24.3.2007 - --- 0.Description --- - --- 1...

CVE-2007-1710

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safemode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence...

CVE-2007-1710

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safemode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence...

Design/Logic Flaw

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safemode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence...

CVE-2007-1710

The CVE-2007-1710 issue affects PHP’s readfile function in versions 4.4.4, 5.1.6, and 5.2.1, where an attacker can bypass safe_mode and read arbitrary local files by using a php://… URL syntax (e.g., php://../../…). This is a local-privilege-context vulnerability enabling partial disclosure of in...

CVE-2007-1710

The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safemode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence...

netForo! 0.1 - down.php?file_to_download Remote File Disclosure

netForo! 0.1 - down.php?filetodownload Remote File Disclosure netForo 0.1gfiletodownloadRemote File Disclosure Exploit D.Script: http://sourceforge.net/projects/netforo/ Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group...

netForo! 0.1 - 'down.php?file_to_download' Remote File Disclosure

netForo 0.1gfiletodownloadRemote File Disclosure Exploit D.Script: http://sourceforge.net/projects/netforo/ Discovered by: GloDM = Mahmoodali Homepage: http://www.Tryag.cc Greetz To: Tryag-Team & 4lKaSrGoLd3n-Team & AsbMay's Group V.Code: readfile$GET'filetodownload';...

Webfwlog <= 0.92 (debug.php) Remote File Disclosure Vulnerability

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ + D.Script:ftp://ftp.freebsd.org/pub/FreeBSD/ports/i386/packages-stable/All/webfwlog-0.92.tbz + D.Scrpit:http://webfwlog.sourceforge.net/...

Invision Gallery <= 2.0.7 ReadFile() & SQL Injection Exploit (linux)

Exploit for unknown platform in category web applications ==================================================================== Invision Gallery 2.0.7 ReadFile & SQL injection exploit +-------------+ | Uzage: | +-------------+ + ReadFile: - syntax: readfile 1 readfile 2 // try it if readfile1 fail...

Invision Gallery &lt;= 2.0.7 ReadFile() &amp; SQL Injection Exploit (linux)

No description provided by source. / | || || | | |/ / | || | | / - | | ' | ' | / | ' \ - |||||||\|||, |||// hellknights.void.ru |/ coded by 1nf3ct0r Windows, ported by ShadOSLinux Invision Gallery = 2.0.7 ReadFile & SQL injection exploit +-------------+ | Uzage: | +-------------+ + ReadFile: -...

Invision Gallery 2.0.7 (Linux) - &#039;readfile()&#039; / SQL Injection

/ | || || | | |/ / | || | | / - | | ' 2.0.7 ReadFile & SQL injection exploit +-------------+ | Uzage: | +-------------+ + ReadFile: - syntax: readfile 1 readfile 2 // try it if readfile1 failed ; - params: - path to local file ../file, for example: ../../../../../etc/passwd s0, if u want to get...

Invision Gallery 2.0.7 (Linux) - readfile() SQL Injection

Invision Gallery 2.0.7 Linux - readfile SQL Injection / | || || | | |/ / | || | | / - | | ' 2.0.7 ReadFile & SQL injection exploit +-------------+ | Uzage: | +-------------+ + ReadFile: - syntax: readfile 1 readfile 2 // try it if readfile1 failed ; - params: - path to local file ../file, for...

Foafgen 0.3 - redir.php Local Source Disclosure

Foafgen 0.3 - redir.php Local Source Disclosure Title..: 7 php scripts File Inclusion Vuln / Source disclosure Credits: DarkFig Og.link: http://acid-root.new.fr/poc/13061007.txt Using http://www.google.com/codesearch Few examples about what we can do with a code search engine For educational...