Sql injection

SQL injection vulnerability in xmlrpc xmlrpc.php in WordPress 2.1.2, and probably earlier, allows remote authenticated users to execute arbitrary SQL commands via a string parameter value in an XML RPC mt.setPostCategories method call, related to the postid variable...

CVE-2006-7187

Cross-site scripting XSS vulnerability in the showrecentsearches function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to inject arbitrary web script or HTML via the srch variable...

CVE-2006-7188

The search function in cgi-lib/user-lib/search.pl in web-app.net WebAPP before 20060909 allows remote attackers to read internal forum posts via certain requests, possibly related to the $info'forum' variable...

AIX lsmcode privilege escalation

User's environment variable is used to launch external application...

EUVD-2007-1695

PHP 4 before 4.4.5, and PHP 5 before 5.2.1, when registerglobals is enabled, allows context-dependent attackers to execute arbitrary code via deserialization of session data, which overwrites arbitrary global variables, as demonstrated by calling sessiondecode on a string beginning with...

Sql injection

Variable extraction vulnerability in grabglobals.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the FILESDBtmpname parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation...

CVE-2007-1634

Variable extraction vulnerability in grabglobals.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the FILESDBtmpname parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation...

CVE-2007-1634

Variable extraction vulnerability in grabglobals.php in Net Portal Dynamic System NPDS 5.10 and earlier allows remote attackers to conduct SQL injection attacks via the FILESDBtmpname parameter to print.php, which overwrites the $DB variable with dynamic variable evaluation...

Study planner (Studiewijzer) <= 0.15 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================================== Study planner Studiewijzer = 0.15 Remote File Inclusion Vulnerability ======================================================================== \ /\ \ / | \ \ | / \ //...

study planner (studiewijzer) 0.15 - Remote File Inclusion

study planner studiewijzer 0.15 - Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV77$2007 ----------------------------------------------------------------------------------------- ECHOADV77$2007 Study planner Studiewijzer = 0.15 Remote...

Echo Security Advisory 2007.75

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV75$2007 ------------------------------------------------------------------------------------- ECHOADV75$2007 Groupit 2.00b5 cbasepath Remote File Inclusion Vulnerability --------------------------------------...

viperweb-rfi.txt

PHP remote file inclusion vulnerabilities in ViperWeb Portal allow remote attackers to execute arbitrary PHP code via a URL in the $modpath variable. http:///index.php?modpath= Found in: line32. Code: include$modpath; Vulnerability found by Abdus Samad Advanced Research Project and Technologies...

Php-Stats &lt;= 0.1.9.1b (php-stats-options.php) admin 2 exec() eExploit

No description provided by source. ?php printr' --------------------------------------------------------------------------- Php-Stats = 0.1.9.1b admin 2 exec exploit by rgod mail: retrog at alice dot it site: http://retrogod.altervista.org dork example: inurl:php-stats.js.php...

[ECHO_ADV_75$2007] Groupit 2.00b5 &#40;c_basepath&#41; Remote File Inclusion Vulnerability

ECHOADV75$2007 ------------------------------------------------------------------------------------- ECHOADV75$2007 Groupit 2.00b5 cbasepath Remote File Inclusion Vulnerability -------------------------------------- ---------------------------------------------- Author : Dedi Dwianto a.k.a theday...

CVE-2007-1472

Variable overwrite vulnerability in groupit/base/groupit.start.inc in Groupit 2.00b5 allows remote attackers to conduct remote file inclusion attacks and execute arbitrary PHP code via arguments that are written to $GLOBALS, as demonstrated using a URL in the cbasepath parameter to 1 content.php,...

Remote file inclusion

PHP remote file inclusion vulnerability in template.class.php in Carbonize Lazarus Guestbook before 1.7.3 allows remote attackers to execute arbitrary PHP code via a URL in the includepath parameter to admin.php, probably due to a dynamic variable evaluation vulnerability...

[ECHO_ADV_72$2007] CARE2X &#40;root_path&#41; Remote File Inclusion Vulnerability

ECHOADV72$2007 ------------------------------------------------------------------------- ECHOADV72$2007 CARE2X rootpath Remote File Inclusion Vulnerability -------------------------- ---------------------------------------------- Author : Dedi Dwianto a.k.a theday Date Found : March, 13th 2007...

WebCreator <= 0.2.6-rc3 (moddir) Remote File Inclusion Vulnerability

No description provided by source. \ /\ / | \ | / // / | | \ \ Y / | / / \ /\| /\ / / / / / .OR.ID ECHOADV74$2007 ------------------------------------------------------------------------------------- ECHOADV74$2007 WebCreator = 0.2.6-rc3 moddir Remote File Inclusion Vulnerability...

Company WebSite Builder PRO 1.9.8 - &#039;INCLUDE_PATH&#039; Remote File Inclusion

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV76$2007 -------------------------------------------------------------------------------------------- ECHOADV76$2007 Company WebSite Builder PRO INCLUDEPATH Remote File Inclusion Vulnerability...

Company WebSite Builder PRO 1.9.8 (INCLUDE_PATH) RFI Vulnerability

Exploit for unknown platform in category web applications ================================================================== Company WebSite Builder PRO 1.9.8 INCLUDEPATH RFI Vulnerability ================================================================== \ /\ \ / | \ \ | / \ // / | \ | \ \ Y...