Lucene search
K

326 matches found

Positive Technologies
Positive Technologies
added 2009/02/03 12:0 a.m.10 views

PT-2009-1520 · Xt:Commerce · Xt:Commerce

Name of the Vulnerable Software and Affected Versions: xt:Commerce versions 3.0.4 and earlier Description: The issue allows remote attackers to hijack web sessions by setting the XTCsid parameter in the shopping cart.php file. This enables attackers to take control of user sessions, potentially...

6.8CVSS6.7AI score0.02912EPSS
Exploits1References9
NVD
NVD
added 2007/10/03 2:17 p.m.8 views

CVE-2007-5185

Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 BETA and earlier allow remote attackers to execute arbitrary PHP code via a URL in the HTMLMENUDirPath parameter to 1 configHTMLMENU.php and 2 configPHPLM.php in phpwcmstemplate/incscript/frontendrender/navigation/...

6.8CVSS7.7AI score0.42285EPSS
Exploits1References6
CVE
CVE
added 2007/10/03 2:0 p.m.76 views

CVE-2007-5185

In the provided documents, CVE-2007-5185 affects phpWCMS XT 0.0.7 BETA and earlier, describing a Remote File Inclusion flaw. The vulnerability enables remote attackers to execute arbitrary PHP code by supplying a URL via the HTML_MENU_DirPath parameter to the navigation scripts (config_HTML_MENU....

6.8CVSS7.6AI score0.42285EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2007/10/03 2:0 p.m.22 views

CVE-2007-5185

Multiple PHP remote file inclusion vulnerabilities in phpWCMS XT 0.0.7 BETA and earlier allow remote attackers to execute arbitrary PHP code via a URL in the HTMLMENUDirPath parameter to 1 configHTMLMENU.php and 2 configPHPLM.php in phpwcmstemplate/incscript/frontendrender/navigation/...

7.7AI score0.42285EPSS
Exploits1References6
seebug.org
seebug.org
added 2007/10/03 12:0 a.m.38 views

php wcms XT 0.0.7 Multiple Remote File Inclusion Vulnerabilities

No description provided by source. php WCMS XT 007 BETA = Remote File Inclusion Vulnerability Dork:http://www.google.com.tr/search?hl=tr&q=Copyright+%C2%A9+2007+by+Horst-D.+Kr%C3%B6ller+%C2%B7+CMS%3A+php+WCMS+&meta= Vuln Code...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/10/02 12:0 a.m.31 views

phpwcms-rfi.txt

?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ????????????????????????????????????? ???????????????????????????????????????...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2007/10/01 12:0 a.m.38 views

PHP wcms XT 0.0.7 - Multiple Remote File Inclusions

?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ????????????????????????????????????? ???????????????????????????????????????...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/10/01 12:0 a.m.12 views

PHP wcms XT 0.0.7 - Multiple Remote File Inclusions

PHP wcms XT 0.0.7 - Multiple Remote File Inclusions ?????????? ??????????????? ??????????????????? ??????????????????????? ?????????????????????????? ?????????????????????????????? ????????????????????????????????? ??????????????????????????????????? ?????????????????????????????????????...

0.3AI score
Exploits0
0day.today
0day.today
added 2007/10/01 12:0 a.m.21 views

php wcms XT 0.0.7 Multiple Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications ================================================================ php wcms XT 0.0.7 Multiple Remote File Inclusion Vulnerabilities ================================================================ ?????????? ??????????????? ?????????????????...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2007/06/15 12:0 a.m.29 views

xtconteudo-rfi.txt

/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion Vulnerability Description Content module for XOOPS CMS Vuln Code In /admin/spaw/spawcontrol.class.php...

7.4AI score
Exploits0
NVD
NVD
added 2007/06/14 11:30 p.m.18 views

CVE-2007-3221

PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...

6.8CVSS7.2AI score0.67812EPSS
Exploits1References6
canvas
canvas
added 2007/06/14 11:30 p.m.60 views

Immunity Canvas: XOOPS_XTCONTEUDO

Name| xoopsxtconteudo ---|--- CVE| CVE-2007-3221 Exploit Pack| CANVAS Description| Xoops XT-Conteudo Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: Xoops CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3221 CVE Name: CVE-2007-3221...

6.8CVSS0.9AI score0.67812EPSS
Exploits1
Prion
Prion
added 2007/06/14 11:30 p.m.26 views

Remote file inclusion

PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...

6.8CVSS7.3AI score0.67812EPSS
Exploits1References6
Cvelist
Cvelist
added 2007/06/14 11:0 p.m.18 views

CVE-2007-3221

PHP remote file inclusion vulnerability in admin/spaw/spawcontrol.class.php in the XT-Conteudo module for XOOPS allows remote attackers to execute arbitrary PHP code via a URL in the spawroot parameter. NOTE: this issue is probably a duplicate of CVE-2006-4656...

7.2AI score0.67812EPSS
Exploits1References6
CVE
CVE
added 2007/06/14 11:0 p.m.53 views

CVE-2007-3221

CVE-2007-3221 is a PHP remote file inclusion in XOOPS XT-Conteudo module; the vulnerable file is admin/spaw/spaw_control.class.php, exploitable via a URL in the spaw_root parameter to execute arbitrary PHP code. The issue is noted as probably a duplicate of CVE-2006-4656. Related entries (CVE-200...

6.8CVSS7.2AI score0.67812EPSS
Exploits1References6Affected Software1
seebug.org
seebug.org
added 2007/06/14 12:0 a.m.32 views

XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability

No description provided by source. / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion&n...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2007/06/13 12:0 a.m.39 views

XOOPS Module XT-Conteudo - 'spaw_root' Remote File Inclusion

/ \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | || | | | \ | | | | / | , |/ /|| ||| |||| / | |/ INFO: Program Title XT-Conteudo XOOPS Module Remote File Inclusion Vulnerability Description Content module for XOOPS CMS Vuln Code In /admin/spaw/spawcontrol.class.php...

7.4AI score
Exploits0
0day.today
0day.today
added 2007/06/13 12:0 a.m.27 views

XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability

Exploit for unknown platform in category web applications ====================================================== XOOPS Module XT-Conteudo spawroot RFI Vulnerability ====================================================== / \ / \ | | | | | | | | | | | / | | | | | | | ' / | | ' \ / \ | | | | || | ||...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2007/02/01 12:0 a.m.17 views

XT-Stats XT_Counter.PHP远程文件包含漏洞

XT-Stats是一款基于PHP的WEB应用程序。 XT-Stats不正确过滤用户提交的输入,远程攻击者可以利用漏洞以WEB权限执行任意命令。 问题是'XTCounter.PHP'脚本对用户提交的'serverbasedir'参数缺少过滤,指定远程服务器上的文件作为包含参数,可导致以WEB权限执行任意命令。 xt-scripts xt-stats 2.4 .b3 目前没有解决方案提供,请关注以下链接: http://www.xt-scripts.com/index.php?p=0...

7.1AI score
Exploits0
Prion
Prion
added 2007/01/30 5:28 p.m.15 views

Remote file inclusion

PHP remote file inclusion vulnerability in xtcounter.php in Xt-Stats 2.3.x up to 2.4.0.b3 allows remote attackers to execute arbitrary PHP code via a URL in the serverbasedir parameter...

7.5CVSS8AI score0.03512EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder