Faction 访问控制错误漏洞

Faction is an open-source report generation and evaluation framework developed by Faction Security. Versions of Faction prior to 1.8.3 contained a access control vulnerability. This vulnerability stemmed from AccessControlInterceptor unconditionally calling invocation.invoke without checking vali...

PT-2007-6063 · Phpreactor · Phpreactor

Name of the Vulnerable Software and Affected Versions: phpReactor version 1.2.7pl1 Description: Multiple PHP remote file inclusion issues allow remote attackers to execute arbitrary PHP code via a URL in the pathtohomedir parameter to certain PHP files, including 1 ekilat.com-int.tpl.php, 2...