12 matches found
Immunity Canvas: SMARTPUB_EXEC
Name| smartpubexec ---|--- CVE| CVE-2008-0503 Exploit Pack| CANVAS Description| Smart Publisher 1.0.1 exec Notes| CVE Name: CVE-2008-0503 VENDOR: Smart Publisher Notes: Try using nc -e /bin/sh as your command and having a nc -vlp Repeatability: Infinite References:...
CVE-2008-0503
Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...
CVE-2008-0503
CVE-2008-0503 affects Netwerk Smart Publisher 1.0.1. An eval() failure in admin/op/disp.php allows remote attackers to execute arbitrary PHP code via the filedata parameter, enabling unauthenticated, network-vector exploitation. CVSS 2.0 base score 6.8 ("NETWORK" attack vector, "MEDIUM" complexit...
CVE-2008-0503
Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...
Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability
No description provided by source. Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3' eval"$v=".base64decode$filedata.";"; - Vuln...
smartpub-exec.txt
Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3' eval"$v=".base64decode$filedata.";"; - Vuln POC : /admin/op/disp.php?filedata=cGhwaW5mbygp = phpinfo Base64...
Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability
Exploit for unknown platform in category web applications ==================================================================== Smart Publisher 1.0.1 disp.php Remote Code Execution Vulnerability ====================================================================...
Smart Publisher 1.0.1 - filedata Remote Code Execution
Smart Publisher 1.0.1 - filedata Remote Code Execution Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/adm...
Smart Publisher index.php filedata Parameter Arbitrary Command Execution
The remote host is running Smart Publisher, an open source application for website publishing. The version of Smart Publisher on the remote host fails to sanitize input to the 'filedata' parameter of the 'index.php' script before using it in an 'eval' statement in the 'admin/op/disp.php' script t...
Smart Publisher 1.0.1 - 'filedata' Remote Code Execution
Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3'...
CVE-2006-6072
SQL injection vulnerability in bpg/publicationslist.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...
CVE-2006-6072
CVE-2006-6072: SQL injection in BPG-InfoTech Easy Publisher and Smart Publisher/Pro 2.7.7 via the vjob parameter in bpg/publications_list.asp. Root cause: unsafe SQL construction allowing remote execution of arbitrary commands. Impact: remote attacker could execute arbitrary SQL, with partial con...