396 matches found
vBulletin 3.6.4 - 'inlinemod.php?postids' SQL Injection
input-cleanarraygpc'p', array 'postids' = TYPESTR, ; $postids = explode',',...
CVE-2006-6966
phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures parameter to...
CVE-2006-6966
phpGraphy before 0.9.13a does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to execute arbitrary PHP code by uploading a config.php file via the pictures parameter to...
phpMyAdmin多个CSRF漏洞
phpMyAdmin是一款流行的基于web的管理MySQL数据库程序。 phpMyAdmin存在跨站请求伪造问题,远程攻击者可以利用漏洞利用CSRF攻击诱使phpMyAdmin用户在目标数据库服务器上执行任意sql查询。 phpMyAdmin使用在用户会话中存储随机token来保护跨站请求伪造,CSRF意思是web站点诱使浏览用户浏览器针对其他站点发送http请求。在phpMyAdmin中的CSRF意味着其他站点可以诱使phpMyAdmin用户的浏览器发送任意sql查询到自身的数据库。 phpMyAdmin由于如下问题而可导致绕过CSRF的保护: --Token验证:...
WoltLab Burning Board Lite wbb_userid Parameter PHP Unset SQL Injection
The remote version of Burning Board Lite fails to sanitize input to the 'wbbuserid' parameter before using it in a database query. Provided PHP's 'registerglobals' setting is enabled and 'magicquotesgpc' setting is disabled, an unauthenticated attacker may be able to leverage this issue to uncove...
CVE-2006-5116
Multiple cross-site request forgery CSRF vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by 1 directly setting a token in the URL though dynamic variable evaluation and 2 unsetting arbitrary variables via the REQUEST array,...
CVE-2006-5116
Multiple cross-site request forgery CSRF vulnerabilities in phpMyAdmin before 2.9.1-rc1 allow remote attackers to perform unauthorized actions as another user by 1 directly setting a token in the URL though dynamic variable evaluation and 2 unsetting arbitrary variables via the REQUEST array,...
papooCMS.txt
It makes use of the unset vulnerability, cms can be found at papoo.de !/usr/bin/perl require LWP::UserAgent; print "PAPOO CMS REMOTE FILE INCLUSION VULNERABILITY \n"; print "Exploit & vulnerability by Ironfist\n"; print " http://iron.gimyweb.de \n"; print "Host?"; $host = ; chomp $host; print "Pa...
CVE-2006-4466
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability is due to a bug in t...
CVE-2006-4466
Joomla! before 1.0.11 does not properly unset variables when the input data includes a numeric parameter with a value matching an alphanumeric parameter's hash value, which allows remote attackers to have an unspecified impact. NOTE: it could be argued that this vulnerability is due to a bug in t...
CVE-2006-4467
The CVE-2006-4467 entry applies to Simple Machines Forum (SMF) 1.1RCx prior to 1.1RC3 and 1.0.x prior to 1.0.8. The issue is a variable-unsetting flaw where input data containing a numeric parameter with a value that matches an alphanumeric parameter’s hash value prevents SMF from unsetting the c...
CVE-2006-4466
Technical details for CVE-2006-4466 are not publicly available in the provided documents; the connected sources reference related PHP unset issues (e.g., CVE-2006-3017) but do not specify Joomla! version-specific impact, vectors, or fixes.
PHP < 4.4.3 / 5.1.4 Multiple Vulnerabilities
According to its banner, the version of PHP installed on the remote host is older than 4.4.3 / 5.1.4. Such versions may be affected by several issues, including a buffer overflow, heap corruption, and a flaw by which a variable may survive a call to 'unset'. %NASLMINLEVEL 70300 C Tenable Network...
security flaw
zendhashdelkeyorindex in zendhash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zendhashdel to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations...
USN-320-1: PHP vulnerabilities
The phpinfo PHP function did not properly sanitize long strings. A remote attacker could use this to perform cross-site scripting attacks against sites that have publicly-available PHP scripts that call phpinfo. Please note that it is not recommended to publicly expose phpinfo. CVE-2006-0996 An...
security flaw
zendhashdelkeyorindex in zendhash.c in PHP before 4.4.3 and 5.x before 5.1.3 can cause zendhashdel to delete the wrong element, which prevents a variable from being unset even when the PHP unset function is called, which might cause the variable's value to be used in security-relevant operations...