Rizgar

9 exploits Active since Aug 2007
CVE-2007-4329 EXPLOITDB text WORKING POC
Web News 1.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
CVE-2007-4329 EXPLOITDB text WORKING POC
Web News 1.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
CVE-2007-4329 EXPLOITDB text WORKING POC
Web News 1.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in Web News 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) news.php, or (3) feed.php.
CVE-2007-4330 EXPLOITDB text WORKING POC
Shoutbox 1.0 - RCE
PHP remote file inclusion vulnerability in shoutbox.php in Shoutbox 1.0 allows remote attackers to execute arbitrary PHP code via a URL in the root parameter.
CVE-2007-4314 EXPLOITDB text WORKING POC
Pixlie 1.7 - DoS
pixlie.php in Pixlie 1.7 allows remote attackers to trigger the reading and JPEG image processing of files in a remote directory tree via a URL in the root parameter. NOTE: this can be leveraged for traffic amplification or other denial of service.
CVE-2007-4325 EXPLOITDB text WORKING POC
Gaestebuch 1.5 - RCE
PHP remote file inclusion vulnerability in index.php in Gaestebuch 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter.
CVE-2007-4327 EXPLOITDB text WORKING POC
File Uploader 1.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php.
CVE-2007-4327 EXPLOITDB text WORKING POC
File Uploader 1.1 - RCE
Multiple PHP remote file inclusion vulnerabilities in File Uploader 1.1 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php or (2) datei.php.
CVE-2007-4328 EXPLOITDB text WORKING POC
Mapos Bilder Galerie <1.0 - RCE
Multiple PHP remote file inclusion vulnerabilities in Mapos Bilder Galerie 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the config[root_ordner] parameter to (1) index.php, (2) galerie.php, or (3) anzagien.php. NOTE: A later report states that 1.1 is also affected, but that the filename for vector 3 is anzeigen.php.