EUVD-2006-4547

Malware in sbrugna...

YACS 6.6.1 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19799/info YACS is prone multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

YACS CMS <= 6.6.1 context[path_to_root] Remote File Include Vuln

No description provided by source. matasanos YACS CMS last version and maybe all File Inclusion Vulnerability affected software: YACS Yet Another Community System vendor: yacs . you can donwload it from http://www.yetanothercommunitysystem.com level: Highly Critical muy critico...

YACS CMS 10.5.27 - &#039;context[path_to_root]&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/41773/info Yacs CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary script code in th...

YACK CMS 10.5.27 Remote File Inclusion

======================================================== YACK CMS 10.5.27 Remote File Inclusion Vulnerability ======================================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ ...

YACS CMS 10.5.27 - context[path_to_root] Remote File Inclusion

YACS CMS 10.5.27 - contextpathtoroot Remote File Inclusion source: https://www.securityfocus.com/bid/41773/info Yacs CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially...

YACS CMS 8.11 Remote File Inclusion

-----------------remote file include----------------- script: YACS version 8.11 ------------------------------------------------------------------ download from: http://www.yetanothercommunitysystem.com/file-fetch/814-20081130-yacs-8.11rc30.zip ============================================== vul:...

YACS CMS 8.11 - &#039;update_trailer.php&#039; Remote File Inclusion

-----------------remote file include----------------- script: YACS version 8.11 ------------------------------------------------------------------ download from: http://www.yetanothercommunitysystem.com/file-fetch/814-20081130-yacs-8.11rc30.zip ============================================== vul:...

YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ==================================================================== YACS CMS 8.11 updatetrailer.php Remote File Inclusion Vulnerability ==================================================================== -----------------remote file...

YACS CMS 8.11 - update_trailer.php Remote File Inclusion

YACS CMS 8.11 - updatetrailer.php Remote File Inclusion -----------------remote file include----------------- script: YACS version 8.11 ------------------------------------------------------------------ download from:...

YACS CMS 8.11 update_trailer.php Remote File Inclusion Vulnerability

No description provided by source. -----------------remote file include----------------- script: YACS version 8.11 ------------------------------------------------------------------ download from: http://www.yetanothercommunitysystem.com/file-fetch/814-20081130-yacs-8.11rc30.zip...

CVE-2006-4559

Multiple PHP remote file inclusion vulnerabilities in Yet Another Community System YACS CMS 6.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the contextpathtoroot parameter in 1 articles/populate.php, 2 categories/category.php, 3 categories/populate.php, 4...

PT-2006-5352 · Yacs · Yacs Cms

Name of the Vulnerable Software and Affected Versions: YACS CMS version 6.6.1 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the contextpath to root parameter in several PHP files, including "articles/populate.php", "categories/category.php",...

CVE-2006-4559

CVE-2006-4559 describes multiple PHP remote file inclusion vulnerabilities in Yet Another Community System (YACS) CMS 6.6.1 and earlier. The flaw allows remote attackers to execute arbitrary PHP code by supplying a URL in the context[path_to_root] parameter to several PHP endpoints, including art...

CVE-2006-4559

Multiple PHP remote file inclusion vulnerabilities in Yet Another Community System YACS CMS 6.6.1 allow remote attackers to execute arbitrary PHP code via a URL in the contextpathtoroot parameter in 1 articles/populate.php, 2 categories/category.php, 3 categories/populate.php, 4...

CVE-2006-4532

PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System YACS CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the contextpathtoroot parameter...

CVE-2006-4532

PHP remote file inclusion vulnerability in articles/article.php in Yet Another Community System YACS CMS 6.6.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the contextpathtoroot parameter...

CVE-2006-4532

Affected software: Yet Another Community System (YACS) CMS, version 6.6.1 and earlier. Vulnerability: PHP remote file inclusion in articles/article.php, where an attacker can supply a URL via context[path_to_root] to execute arbitrary PHP code. Impact: Arbitrary code execution with the same privi...

YACS 6.6.1 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/19799/info YACS is prone multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execut...

YACS 6.6.1 - Multiple Remote File Inclusions

YACS 6.6.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/19799/info YACS is prone multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote...