21 matches found
EUVD-2007-6181
Malware in sbrugna...
Directory traversal
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. dot dot in the 1 Root and 2 Path parameters...
CVE-2007-6213
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. dot dot in the 1 Root and 2 Path parameters...
CVE-2007-6213
Multiple directory traversal vulnerabilities in mod/chat/index.php in WebED 0.0.9 allow remote attackers to read arbitrary files via a .. dot dot in the 1 Root and 2 Path parameters...
CVE-2007-6213
CVE-2007-6213 concerns WebED 0.0.9. Multiple directory traversal flaws in mod/chat/index.php allow remote reading of arbitrary files via a .. in the Root and Path parameters, affecting confidentiality (C:P) with no integrity/availability impact stated. CVSS v2 score is 5.0 (Medium) with network a...
webed-disclose.txt
WebED v0.0.9 index.php Remote File Disclosure Vulnerabilities Script : http://heanet.dl.sourceforge.net/sourceforge/ed-engine/WebEDv0.0.9.tar.gz Vuln Code In /mod/chat/index.php : PoC : /mod/chat/index.php?Root=../../../../../../etc/passwd /mod/chat/index.php?Path=../../../../../../etc/pa...
WebED 0.0.9 - index.php Remote File Disclosure
WebED 0.0.9 - index.php Remote File Disclosure WebED v0.0.9 index.php Remote File Disclosure Vulnerabilities Script : http://heanet.dl.sourceforge.net/sourceforge/ed-engine/WebEDv0.0.9.tar.gz Vuln Code In /mod/chat/index.php : PoC : /mod/chat/index.php?Root=../../../../../../etc/passwd...
WebED 0.0.9 - 'index.php' Remote File Disclosure
WebED v0.0.9 index.php Remote File Disclosure Vulnerabilities Script : http://heanet.dl.sourceforge.net/sourceforge/ed-engine/WebEDv0.0.9.tar.gz Vuln Code In /mod/chat/index.php : PoC : /mod/chat/index.php?Root=../../../../../../etc/passwd /mod/chat/index.php?Path=../../../../../../etc/pa...
WebED 0.0.9 (index.php) Remote File Disclosure Vulnerability
No description provided by source. WebED v0.0.9 index.php Remote File Disclosure Vulnerabilities Script : http://heanet.dl.sourceforge.net/sourceforge/ed-engine/WebEDv0.0.9.tar.gz Vuln Code In /mod/chat/index.php : body ?php readfile$Root.$Path; ? ---xxx form action="applicationloader.php"...
WebED 0.0.9 (index.php) Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications ============================================================ WebED 0.0.9 index.php Remote File Disclosure Vulnerability ============================================================ WebED v0.0.9 index.php Remote File Disclosure...
WebED-0.8999 Multiple Remote File Inclusion Vulnerability
--------------------------------------------------------------- Multiple Remote File Inclusion Vulnerability --------------------------------------------------------------- Founded by : Seph1roth Download Script: http://sourceforge.net/projects/ed-engine/ WebED-0.8999.tar.gz Exploit:...
webed-rfi.txt
--------------------------------------------------------------- Multiple Remote File Inclusion Vulnerability --------------------------------------------------------------- Founded by : Seph1roth Download Script: http://sourceforge.net/projects/ed-engine/ WebED-0.8999.tar.gz Exploit:...
CVE-2007-4815
Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha allow remote attackers to execute arbitrary PHP code via a URL in the Codebase parameter to 1 channeledit.php, 2 post.php, 3 view.php, or 4 viewitem.php in source/mod/rss/...
Immunity Canvas: WEBED_INCLUDE
Name| webedinclude ---|--- CVE| CVE-2007-4815 Exploit Pack| CANVAS Description| WebEd Remote file inclusion Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: ed-engine CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4815 CVE Name: CVE-2007-4815...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha allow remote attackers to execute arbitrary PHP code via a URL in the Codebase parameter to 1 channeledit.php, 2 post.php, 3 view.php, or 4 viewitem.php in source/mod/rss/...
CVE-2007-4815
Multiple PHP remote file inclusion vulnerabilities in WebED in Markus Iser ED Engine 0.8999 alpha allow remote attackers to execute arbitrary PHP code via a URL in the Codebase parameter to 1 channeledit.php, 2 post.php, 3 view.php, or 4 viewitem.php in source/mod/rss/...
CVE-2007-4815
CVE-2007-4815 affects the WebED ED Engine 0.8999 alpha. The vulnerability is a set of multiple remote PHP file inclusion flaws that allow an attacker to execute arbitrary PHP code by supplying a crafted URL via the Codebase parameter to one of the following scripts: channeledit.php, post.php, vie...
WebED 0.8999a Multiple Remote File Inclusion Vulnerabilities
No description provided by source. --------------------------------------------------------------- / | |\ / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...
WebED 0.8999a - Multiple Remote File Inclusions
WebED 0.8999a - Multiple Remote File Inclusions --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...
WebED 0.8999a - Multiple Remote File Inclusions
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Multiple...