Lucene search
K

12 matches found

canvas
canvas
added 2008/01/31 8:0 p.m.39 views

Immunity Canvas: SMARTPUB_EXEC

Name| smartpubexec ---|--- CVE| CVE-2008-0503 Exploit Pack| CANVAS Description| Smart Publisher 1.0.1 exec Notes| CVE Name: CVE-2008-0503 VENDOR: Smart Publisher Notes: Try using nc -e /bin/sh as your command and having a nc -vlp Repeatability: Infinite References:...

6.8CVSS0.3AI score0.23182EPSS
Exploits1
NVD
NVD
added 2008/01/31 8:0 p.m.21 views

CVE-2008-0503

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...

6.8CVSS7.8AI score0.23182EPSS
Exploits1References4
CVE
CVE
added 2008/01/31 7:30 p.m.56 views

CVE-2008-0503

CVE-2008-0503 affects Netwerk Smart Publisher 1.0.1. An eval() failure in admin/op/disp.php allows remote attackers to execute arbitrary PHP code via the filedata parameter, enabling unauthenticated, network-vector exploitation. CVSS 2.0 base score 6.8 ("NETWORK" attack vector, "MEDIUM" complexit...

6.8CVSS7.8AI score0.23182EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2008/01/31 7:30 p.m.28 views

CVE-2008-0503

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...

7.8AI score0.23182EPSS
Exploits1References4
seebug.org
seebug.org
added 2008/01/30 12:0 a.m.20 views

Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability

No description provided by source. Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3' eval"$v=".base64decode$filedata.";"; - Vuln...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/30 12:0 a.m.28 views

smartpub-exec.txt

Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3' eval"$v=".base64decode$filedata.";"; - Vuln POC : /admin/op/disp.php?filedata=cGhwaW5mbygp = phpinfo Base64...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/01/29 12:0 a.m.30 views

Smart Publisher 1.0.1 (disp.php) Remote Code Execution Vulnerability

Exploit for unknown platform in category web applications ==================================================================== Smart Publisher 1.0.1 disp.php Remote Code Execution Vulnerability ====================================================================...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/01/29 12:0 a.m.11 views

Smart Publisher 1.0.1 - filedata Remote Code Execution

Smart Publisher 1.0.1 - filedata Remote Code Execution Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/adm...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2008/01/29 12:0 a.m.22 views

Smart Publisher index.php filedata Parameter Arbitrary Command Execution

The remote host is running Smart Publisher, an open source application for website publishing. The version of Smart Publisher on the remote host fails to sanitize input to the 'filedata' parameter of the 'index.php' script before using it in an 'eval' statement in the 'admin/op/disp.php' script t...

6.8CVSS6.3AI score0.23182EPSS
Exploits1References2
Exploit DB
Exploit DB
added 2008/01/29 12:0 a.m.40 views

Smart Publisher 1.0.1 - 'filedata' Remote Code Execution

Smart Publisher 1.0.1 disp.php Remote Code Execution Exploit Script : http://sourceforge.net/projects/smart-publisher/ Vuln Code In '/admin/op/disp.php'In Line '3'...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2006/11/24 5:0 p.m.19 views

CVE-2006-6072

SQL injection vulnerability in bpg/publicationslist.asp in BPG-InfoTech Easy Publisher and Smart Publisher//Pro 2.7.7 allows remote attackers to execute arbitrary SQL commands via the vjob parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party...

8.1AI score0.01114EPSS
Exploits0References3
CVE
CVE
added 2006/11/24 5:0 p.m.40 views

CVE-2006-6072

CVE-2006-6072: SQL injection in BPG-InfoTech Easy Publisher and Smart Publisher/Pro 2.7.7 via the vjob parameter in bpg/publications_list.asp. Root cause: unsafe SQL construction allowing remote execution of arbitrary commands. Impact: remote attacker could execute arbitrary SQL, with partial con...

7.5CVSS8.5AI score0.01114EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder