CVE-2017-12680

Cross-Site Scripting XSS exists in NexusPHP 1.5 via the type parameter to shoutbox.php...

CVE-2017-12680

Cross-Site Scripting XSS exists in NexusPHP 1.5 via the type parameter to shoutbox.php...

Cross site scripting

Cross-Site Scripting XSS exists in NexusPHP 1.5 via the type parameter to shoutbox.php...

CVE-2017-12680

Cross-Site Scripting (XSS) exists in NexusPHP 1.5 via the type parameter to shoutbox.php. The description indicates the vulnerability arises from input handling for the type parameter, enabling script injection. Affected software is NexusPHP 1.5 (PHP-based resource sharing software). This CVE is ...

Webfroot Shoutbox < 2.32 (Apache) Remote Exploit

No description provided by source. !/usr/bin/perl Webfroot Shoutbox 2.32 on apache exploit use IO::Socket; my $host = 127.0.0.1; my $port = 80; my $shoutbox = shoutbox.php?conf=; my $shoutboxpath = /shoutbox; my $cmd = ls -l; my $conn; my $type; my @logs = /etc/httpd/logs/acceslog,...

CVE-2007-4330

CVE-2007-4330 describes a PHP remote file inclusion in Shoutbox 1.0 (shoutbox.php) that lets an attacker execute arbitrary PHP code by supplying a URL in the root parameter. The vulnerability stems from improper validation of the root input, enabling remote code injection over the network. Accord...

CVE-2007-2141

CVE-2007-2141 affects ShoutPro 1.5.2 and is a Direct static code injection vulnerability in shoutbox.php. An attacker can inject arbitrary PHP code into shouts.php via the shout parameter, enabling remote code execution. The underlying root cause is unsanitized input handling in shoutbox.php, lea...

ShoutPro Shoutbox.PHP任意PHP代码执行漏洞

ShoutPro是一款基于PHP的WEB应用程序。 ShoutPro不正确过滤用户提交的输入，远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'Shoutbox.PHP'脚本对用户提交的WEB参数缺少过滤，指定远程服务器上的文件作为包含参数，可导致以WEB权限执行任意命令。 ShoutPro 1.5.2 目前没有解决方案提供： http://shoutpro.com/ ?/ File: shoutbox.php Affects: ShoutPro 1.5.2 may affect earlier versions Date: 17th April 2007 Issue&n...

ShoutPro <= 1.5.2 (shout.php) Remote Code Injection Exploit

Exploit for unknown platform in category web applications =========================================================== ShoutPro ?php echo "...

CVE-2006-5312

CVE-2006-5312 affects the Ajax Shoutbox 0.0.5 and earlier module for phpBB, where PHP remote file inclusion is possible via the phpbb_root_path parameter in shoutbox.php, allowing remote code execution. Exploitation details are supported by sources such as Exploit-DB and NVD, with a base AV:N/AC:...

gshout.txt

SaVSaK.CoM | SpC-x - TheBeKiR | G Shout 1.3.1 Version - Remote File Include Vulnerability Risk : High Class: Remote Script : G Shout Credits : SpC-x Thanks : TheBeKiR - Ejder - FasTBoY - ERNE - RMx Code : include"config.php"; include"./includes/functions.inc.php"; include...