Directory traversal

Directory traversal vulnerability in visualizza.php in Way Of The Warrior WOTW 5.0 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the plancia parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior WOTW 5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plancia parameter to crea.php...

CVE-2008-6223

The CVE-2008-6223 issue is a PHP remote file inclusion vulnerability in Way Of The Warrior (WOTW) v5.0 and earlier. An attacker can cause arbitrary PHP code execution by supplying a URL in the plancia parameter to crea.php via visualizza.php, enabling remote code execution. The vulnerability impa...

CVE-2008-6224

CVE-2008-6224 describes a directory traversal in the Visualizza.php module of Way Of The Warrior (WOTW) up to version 5.0 and earlier. The flaw allows remote attackers to read arbitrary files by supplying a …/ (dot-dot) sequence in the plancia parameter. Public references indicate the vulnerabili...

CVE-2008-6223

PHP remote file inclusion vulnerability in visualizza.php in Way Of The Warrior WOTW 5.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the plancia parameter to crea.php...

Pizzis CMS 1.5.1 - Blind SQL Injection

Pizzis CMS 1.5.1 - Blind SQL Injection --+++=============================================================+++-- --+++====== Pizzis CMS ". "\n+ Ex. : perl $0 localhost /pizziscms admin". "\n+ Greetz: my girlfriend, she has no idea about what is it $hostname, PeerPort = 80, Proto = "tcp", or die $!;...

Pizzis CMS 1.5.1 Blind SQL Injection Exploit

--+++=============================================================+++-- --+++====== Pizzis CMS ". "\n+ Ex. : perl $0 localhost /pizziscms admin". "\n+ Greetz: my girlfriend, she has no idea about what is it $hostname, PeerPort = 80, Proto = "tcp", or die $!; my $query = query $user, $chr, $pos; m...