Register an IOS Agent for executing modules and/or commands on a Network Device, exploiting an authorization vulnerability in HTTP administration interface of the Network Device.
This exploits attacks pPim 1.0 software. By creating a specially crafted link an attacker can run arbitrary commands with the privileges of the web server process.
This module exploits a Remote File Inclusion vulnerability in phpJobScheduler 3.0.
This module exploits a phpBB2 2.0.15 Remote File Inclusion.
osCommerce is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
Input passed to the IP parameter in mw_plugin.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local and remote resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerable version is 1.2.3 and below.
Report.php fails to sanitize user input data on StartingDirectory parameter when used in an include. The vulnerable version is 10.04.x.
This exploits attacks Mambo 4.6.4 software. A remote file inclusion vulnerability is present in Mambo. /includes/Cache/Lite/Output.php doesn't sanitize the $mosConfig_absolute_path before using it in an include.
FCKeditor is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation; other attacks are also possible.
Input passed to the SECURITY_FILE parameter in wp-content/plugins/dm-albums/template/album.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources.