Explore Vulnerabilities

Explore all Exploits:

OPT (Outreach Project Tool) <= 1.2.6 [CRM_inc] Remote File Include Vulnerabilities

A remote file include vulnerability exists in OPT (Outreach Project Tool) version 1.2.6. An attacker can exploit this vulnerability to include arbitrary files from remote locations by sending a specially crafted HTTP request to the vulnerable server. This can be exploited to execute arbitrary PHP code on the vulnerable system.

dotProject <= 2.0.4 (baseDir) Remote File Include Vulnerabilities

A remote file include vulnerability exists in dotProject version 2.0.4. An attacker can exploit this vulnerability to include arbitrary files from remote locations by sending a specially crafted HTTP request to the vulnerable application. This can lead to arbitrary code execution on the vulnerable system.

PHProjekt v. 5.1 Remote File Include Vulnerability

PHProjekt is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code within the context of the webserver process. Successful exploits will allow the attacker to compromise the application and the underlying system; other attacks are also possible.

discloser 0.0.4 Remote File Inclusion Vulnerability

A Remote File Inclusion (RFI) vulnerability exists in discloser 0.0.4. An attacker can exploit this vulnerability to include a remote file, such as a malicious PHP script, and execute it on the vulnerable system. The vulnerable parameter is 'fileloc', in the 'content/content.php' and 'inc/indexhead.php' scripts.

Spidey Blog Script <== 1.5 (tr) SQL Injection Vulnerability

A SQL injection vulnerability exists in Spidey Blog Script version 1.5 (tr). An attacker can exploit this vulnerability to gain access to the admin credentials by sending a specially crafted HTTP request to the vulnerable application. The request contains malicious SQL statements that are executed in the backend database.

Cyrus POP3D Buffer Overflow Exploit

This exploit is for the Cyrus POP3D buffer overflow vulnerability. It uses the same method as the exploit from bannedit, yet finds a data area that is not going to freak pop3d out before it gets to the return. It uses part of the .data segment (or was it .bss, anyways) labeled 'buf'. With this the same one-offset-per-machine is gained that bannedit was achieving.

mambo com_mmp Component (mosConfig_absolute_path) Remote File Inclusion Vulnerabilities

A remote file inclusion vulnerability exists in the Mambo com_mmp component due to insufficient sanitization of user-supplied input to the mosConfig_absolute_path parameter in the help.mmp.php script. An attacker can exploit this vulnerability to include arbitrary remote files, resulting in the execution of arbitrary code on the vulnerable system.

phPay v2.02 nu_mail.inc.php mail() Injection

The phPay v2.02 nu_mail.inc.php file is vulnerable to mail() injection. The vulnerability is due to the lack of proper input validation and the missing die()/exit() calls. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable file. This will allow the attacker to inject arbitrary code into the mail() function.

Recent Exploits: