PHP Weather 2.2.2 (LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== PHP Weather 2.2.2 LFI/XSS Multiple Remote Vulnerabilities =========================================================== Lfi/xss script: phpweather-2.2.2 download...

PHP weather 2.2.2 - Local File Inclusion Cross-Site Scripting

PHP weather 2.2.2 - Local File Inclusion Cross-Site Scripting Lfi/xss script: phpweather-2.2.2 download from:http://downloads.sourceforge.net/phpweather/phpweather-2.2.2.zip?modtime=1087430400&bigmirror=0 vul: /test.php line 48: requirePHPWEATHERBASEDIR . "/output/pwtext$language.php"; xpl:...

The Rat CMS Alpha 2 - 'download.php' Priviledge Escalation

---------------------------- The Rat Cms Alpha 2 Priviledge Escalation ---------------------------- Autore: x0r Email: [email protected] Download: http://downloads.sourceforge.net/the-rat-cms/trcmsprealpha2.zip?modtime=1174590953&bigmirror=0 ---------------------------- Bug In: /admin/.php So...

SUMON 0.7.0 - Command Execution

SUMON 0.7.0 - Command Execution :::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl sumon /tmp/dupa; Bug: ./sumon-0.7.0/server/www/chg.php lines: 32-25, 99 ... if...

phpAddEdit 1.3 Local File Inclusion

phpaddedit-1.3 LFI Author: nuclear script:http://sourceforge.net/projects/phpaddedit/ vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00 vulnerable code: if !$formname && $GET"editform" $formname = $GET"editform"; ... if $errormessage || $error ||...

SUMON 0.7.0 - Command Execution

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ dunatstrcpy.pl sumon /tmp/dupa; Bug: ./sumon-0.7.0/server/www/chg.php lines: 32-25, 99 ... if arraykeyexists"host",$GET $host = $GET"host";...

Feed CMS 1.07.03.19b - 'lang' Local File Inclusion

Feed Cms 1.07.03.19 Beta LFI Autore: x0r Email: [email protected] Download: http://heanet.dl.sourceforge.net/sourceforge/feedcms/FeedCms1.07.03.19Beta.rar Bug In: index.php if $GET'lang' $language = $GET'lang'; setcookie'firstlang',$language,time+3600240365; header'location:'.$redirect; $lang ...

phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability

No description provided by source. phpaddedit-1.3 LFI Author: nuclear script:http://sourceforge.net/projects/phpaddedit/ vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00 vulnerable code: if !$formname && $GET"editform" $formname = $GET"editform"; ... if...

phpAddEdit 1.3 (editform) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ phpAddEdit 1.3 editform Local File Inclusion Vulnerability ============================================================ phpaddedit-1.3 LFI Author: nuclear...

[DSECRG-08-041] Stored XSS Vulnerability in Xoops 2.3.x

Digital Security Research Group DSecRG Advisory DSECRG-08-041 Application: XOOPS Versions Affected: 2.3.1, 2.3.2a Vendor URL: http://www.xoops.org/ Bug: Stored XSS Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Public Advisory: 08.12.2008 Authors: Digital...

phpAddEdit 1.3 - editform Local File Inclusion

phpAddEdit 1.3 - editform Local File Inclusion phpaddedit-1.3 LFI Author: nuclear script:http://sourceforge.net/projects/phpaddedit/ vuln:http://target.com/addedit-render.php?editform=../../../../../../../etc/passwd%00 vulnerable code: if !$formname && $GET"editform" $formname = $GET"editform";...

[DSECRG-08-040] Multiple Local File Include Vulnerabilities in Xoops 2.3.x

Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Public Advisory: 08.12.2008 Authors:...

Simple Directory Listing 2 Cross Site File Upload Vulnerability

No description provided by source. Simple Directory Listing 2 - Cross Site File Upload -------------------------------------------------------------------------------- mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" creationComplete="onAppInit" mx:Script / Written by Michael Brooks...

XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Publ...

XOOPS 2.3.1/2.3.2a Cross Site Scripting

Digital Security Research Group DSecRG Advisory DSECRG-08-041 Application: XOOPS Versions Affected: 2.3.1, 2.3.2a Vendor URL: http://www.xoops.org/ Bug: Stored XSS Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Public Advisory: 08.12.2008 Authors: Digital...

ProQuiz 1.0 SQL Injection

---------------------------------------------------------------------------------------------------------------------------------------------------------------- 0 GENERAL DETAILS: Name : ProQuiz 1.0 Sql Injection Auth bypass Download :...

XOOPS 2.3.1 Local File Inclusions

Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Public Advisory: 08.12.2008 Authors:...

Simple Directory Listing Upload Vulnerability

Simple Directory Listing 2 - Cross Site File Upload -------------------------------------------------------------------------------- / Written by Michael Brooks VUlerablity type: Cross Site File Upload. Affects: SDL 2.1 beta1 Product homepage: http://simpledirectorylisting.net/ SDL has 22+ millio...

XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= XOOPS 2.3.1 Multiple Local File Inclusion Vulnerabilities ========================================================= Digital Security Research Group DSecRG Advisory DSECRG-08-040...

XOOPS 2.3.1 - Multiple Local File Inclusions

XOOPS 2.3.1 - Multiple Local File Inclusions Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Da...