10 matches found
Sponge News <= 2.2 (sndir) Remote File Include Vulnerability
No description provided by source. ============================================================================================== Sponge News = v2.2 sndir Remote File Inclusion Exploit =============================================================================================== Critical Level :...
Sponge News News.PHP远程文件包含漏洞
Sponge News是一款基于PHP的新闻管理程序。 Sponge News不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'News.PHP'脚本对用户提交的'sndir'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Sponge News Sponge News 2.2 http://rickeeweb.free.fr/spongeweb http://www.example.com/Script Path/news.php?sndir=http://www.example.com...
CVE-2006-4647
PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sndir parameter...
CVE-2006-4647
PHP remote file inclusion vulnerability in news.php in Sponge News 2.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the sndir parameter...
CVE-2006-4647
CVE-2006-4647 is a PHP remote file inclusion vulnerability in Sponge News 2.2 and earlier. The flaw exists in news.php and allows a remote attacker to execute arbitrary PHP code by supplying a URL in the sndir parameter. The NVD entry assigns a base score of 7.5 (HIGH) with network attack vector ...
Sponge News <= v2.2 (sndir) Remote File Inclusion Exploit
============================================================================================== Sponge News = v2.2 sndir Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...
Sponge News 2.2 - sndir Remote File Inclusion
Sponge News 2.2 - sndir Remote File Inclusion ============================================================================================== Sponge News = v2.2 sndir Remote File Inclusion Exploit ===============================================================================================...
Sponge News <= 2.2 (sndir) Remote File Include Vulnerability
Exploit for unknown platform in category web applications ============================================================ Sponge News = 2.2 sndir Remote File Include Vulnerability ============================================================...
Sponge News <= 2.2 (sndir) Remote File Include Vulnerability
No description provided by source. ============================================================================================== Sponge News = v2.2 sndir Remote File Inclusion Exploit =============================================================================================== Critical Level :...
Sponge News 2.2 - 'sndir' Remote File Inclusion
============================================================================================== Sponge News = v2.2 sndir Remote File Inclusion Exploit =============================================================================================== Critical Level : Dangerous Venedor site :...