EUVD-2006-3997

Malware in sbrugna...

vbPortal 3.0.2 <= 3.6.0 b1 - (cookie) Remote Code Excution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo vbPortal 3.0.2 = 3.6.0 Beta 1 Remote Command Excution \r\n; echo By R00tATI Mail : havoc1988 at gmail dot com \r\n; echo Thank you Minus-Power \r\n; echo Thank you rgod for your clear samples \r\n; echo site:...

vbPortal 2.0 alpha 8.1 Authentication SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8613/info It has been reported that vbPortal is prone to SQL injection attacks when authentication users. The problem occurs due to insufficient sanitization of the $aid variable, used to store the name of the...

vbPortal302.txt

vbPortal 3.0.2 this works with magicquotesgpc=Off\r\n"; echo "dork: Portal By vbPortal Version 3.5.0 126 $result.=" ."; else $result.=" ".$s...

CVE-2006-4004

Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into a...

CVE-2006-4004

CVE-2006-4004 describes a directory traversal vulnerability in vbPortal versions 3.0.2 through 3.6.0 Beta 1. When magic_quotes_gpc is disabled, remote attackers can cause the application to include and execute local files by manipulating directory traversal sequences in the bbvbplang cookie. The ...

CVE-2006-4004

Directory traversal vulnerability in index.php in vbPortal 3.0.2 through 3.6.0 Beta 1, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the bbvbplang cookie, as demonstrated by injecting PHP sequences into a...

vbPortal 3.0.2 <= 3.6.0 b1 (cookie) Remote Code Excution Exploit

Exploit for unknown platform in category web applications ================================================================ vbPortal 3.0.2 this works with magicquotesgpc=Off\r\n"; echo "dork: Portal By vbPortal Version 3.5.0 = 3.6.0 Beta 1 \r\n"; if $argc4 echo "Usage: php ".$argv0." host path cmd...

vbPortal 3.0.2 3.6.0 b1 - cookie Remote Code Execution

vbPortal 3.0.2 3.6.0 b1 - cookie Remote Code Execution !/usr/bin/php -q -d shortopentag=on this works with magicquotesgpc=Off\r\n"; echo "dork: Portal By vbPortal Version 3.5.0 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=...

vbPortal 3.0.2 &lt;= 3.6.0 b1 (cookie) Remote Code Excution Exploit

No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo "vbPortal 3.0.2 = 3.6.0 Beta 1 Remote Command Excution \r\n"; echo "By R00tATI Mail : havoc1988 at gmail dot com \r\n"; echo "Thank you Minus-Power \r\n"; echo "Thank you rgod for your clear samples \r\n"; echo "site:...

vbPortal 3.0.2 &lt; 3.6.0 b1 - &#039;cookie&#039; Remote Code Execution

!/usr/bin/php -q -d shortopentag=on this works with magicquotesgpc=Off\r\n"; echo "dork: Portal By vbPortal Version 3.5.0 126 $result.=" ."; else $result.=" ".$string$i; if strlendechexord$string$i==2 $exa.=" ".dechexord$string$i; else $exa.=" 0".dechexord$string$i; $cont++;if $con...

SCSA021.txt

====================================================================== Security Corporation Security Advisory SCSA-021 Anonymous Mail Forwarding Vulnerabilities in vbPortal ====================================================================== PROGRAM: vbPortal HOMEPAGE: http://www.vbportal.com...

[SCSA-021] Anonymous Mail Forwarding Vulnerabilities in vbPortal

====================================================================== Security Corporation Security Advisory SCSA-021 Anonymous Mail Forwarding Vulnerabilities in vbPortal ====================================================================== PROGRAM: vbPortal HOMEPAGE: http://www.vbportal.com...

vbPortal 2.0 alpha 8.1 - (Authenticated) SQL Injection

vbPortal 2.0 alpha 8.1 - Authenticated SQL Injection source: https://www.securityfocus.com/bid/8613/info It has been reported that vbPortal is prone to SQL injection attacks when authentication users. The problem occurs due to insufficient sanitization of the $aid variable, used to store the name...

vbPortal 2.0 alpha 8.1 - (Authenticated) SQL Injection

source: https://www.securityfocus.com/bid/8613/info It has been reported that vbPortal is prone to SQL injection attacks when authentication users. The problem occurs due to insufficient sanitization of the $aid variable, used to store the name of the authenticating user. As a result, an attacker...