E. Setio Dewo

3 exploits Active since Nov 2006
CVE-2006-6138 EXPLOITDB text WORKING POC
Sisfo Kampus 0.8 - Directory Traversal via download.php dir Parameter
Directory traversal vulnerability in download.php in Sisfo Kampus 0.8 allows remote attackers to list arbitrary directories via an absolute pathname in the dir parameter.
CVE-2006-6137 EXPLOITDB text WORKING POC
Sisfo Kampus 0.8 - Remote File Inclusion via exec or print Parameter
Multiple PHP remote file inclusion vulnerabilities in Sisfo Kampus 0.8 allow remote attackers to execute arbitrary PHP code via a URL in the (1) exec parameter to index.php or (2) print parameter to print.php, which is also accessible via the print command to index.php.
CVE-2006-6140 EXPLOITDB text WORKING POC
Sisfo Kampus 2006 - Remote File Inclusion via slnt Parameter
PHP remote file inclusion vulnerability in Sisfo Kampus 2006 (Semarang 3) allows remote attackers to execute arbitrary PHP code via a URL in the slnt parameter to (1) index.php and (2) print.php. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information.