7 matches found
EUVD-2009-0295
Malware in sbrugna...
Gnuboard 4.33.02 SQL Injection
Exploit Title: Gnuboard = 4.33.02 PATHINFO SQL INJECTION Vulnerability Google Dork: inurl:gnuboard4/bbs/board.php Date: 2011-2-14 Author: flyh4t Software Link: http://sir.co.kr/main/gnuboard4/ Version: Gnuboard = 4.33.02 Tested on: linux+apache CVE : CVE-2011-4066 Gnuboard = 4.33.02 PATHINFO SQL...
GNUBoard 4.33.02 - tp.php?PATH_INFO SQL Injection
GNUBoard 4.33.02 - tp.php?PATHINFO SQL Injection Exploit Title: Gnuboard = 4.33.02 PATHINFO SQL INJECTION Vulnerability Google Dork: inurl:gnuboard4/bbs/board.php Date: 2011-2-14 Author: flyh4t Software Link: http://sir.co.kr/main/gnuboard4/ Version: Gnuboard = 4.33.02 Tested on: linux+apache CVE...
GNUBoard 4.33.02 - 'tp.php?PATH_INFO' SQL Injection
Exploit Title: Gnuboard = 4.33.02 PATHINFO SQL INJECTION Vulnerability Google Dork: inurl:gnuboard4/bbs/board.php Date: 2011-2-14 Author: flyh4t Software Link: http://sir.co.kr/main/gnuboard4/ Version: Gnuboard = 4.33.02 Tested on: linux+apache CVE : CVE-2011-4066 Gnuboard = 4.33.02 PATHINFO SQL...
Gnuboard <= 4.33.02 tp.php PATH_INFO SQL Injection
Exploit for php platform in category web applications Exploit Title: Gnuboard = 4.33.02 PATHINFO SQL INJECTION Vulnerability Google Dork: inurl:gnuboard4/bbs/board.php Date: 2011-2-14 Author: flyh4t Software Link: http://sir.co.kr/main/gnuboard4/ Version: Gnuboard = 4.33.02 Tested on: linux+apach...
Directory traversal
Directory traversal vulnerability in common.php in SIR GNUBoard 4.31.03 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the g4path parameter. NOTE: in some environments, this can be leveraged for remote code execution via a data: URI or a UNC share pathnam...
CVE-2009-0290
CVE-2009-0290 concerns a directory traversal in SIR GNUBoard 4.31.03, where an attacker can use a .. in the g4_path parameter to include and execute local files. The vulnerability allows potential remote code execution via data: URIs or UNC paths in certain environments. Affected software is GNUB...