The vulnerability exists due to insufficient sanitization of user-supplied input passed to the 'g_admin_rep' parameter in 'admin/admin_module.php' script. This can be exploited to include arbitrary files from local resources or remote resources by using a relative path in the 'g_admin_rep' parameter. Additionally, an attacker can exploit this vulnerability to include files with multiple extensions, which can be used to execute arbitrary code on the vulnerable system.
Segue CMS themes/program/themesettings.inc.php does not intialize the $themesdir variable before using it to include files, assuming register_globals = on, we can intialize the variable in a query string and include a remote file of our choice. Tested and working on version 1.5.4 and 1.5.8 (previous versions may also be affected).
A remote file include vulnerability exists in pandaBB, which allows an attacker to include a remote file containing malicious PHP code resulting in arbitrary code execution. This is due to the application including files based on user input without proper validation. An attacker can leverage this vulnerability to execute arbitrary PHP code under the context of the web server process.
The proof of concept causes the chan_skippy to crash in different locations and due to memory corruption as well as double free calls. This is based on the finding of Security-Assessment.com, and proves that the vulnerability is indeed exploitable.
EPNadmin 0.7 is vulnerable to remote command execution. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. This can be done by appending a maliciously crafted URL to the vulnerable server, which will then execute the malicious code.
An advanced instrumentation reservation system for equipment calendaring and user management is vulnerable to a Remote File Include vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to execute arbitrary code on the server.
YapBB <= 1.2 Beta2 is vulnerable to a remote file include vulnerability. This vulnerability allows an attacker to include a remote file, usually through a malicious URL, containing arbitrary commands that will be executed on the vulnerable server.
This exploit allows an attacker to execute arbitrary code on a vulnerable system. It is triggered by sending a specially crafted HTTP request to the vulnerable server, containing a malicious command in the 'cmd' parameter of the 'template.php' script. This exploit affects PHP-Post version 1.01 and earlier.
This exploit allows a remote attacker to change the password of a user on a vulnerable Active Bulletin Board v1.1 beta2 system. The attacker can send a specially crafted POST request to the doprofiledit.asp script, which contains the new password for the user. The exploit requires the ID and UsrName of the user to be known, which can be obtained from the admin.asp page.
phpamx 0.90 is vulnerable to remote and local file inclusion. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'plug_path' parameter in 'php/plugins/main.php' script. An attacker can exploit this vulnerability to include arbitrary remote files and execute arbitrary code on the vulnerable system. The vulnerability requires 'register_globals' to be set to 'On' for the first vulnerability and 'magic_quotes_gpc' to be set to 'Off' for the second vulnerability.
Services By CQR