ciriboflacs

2 exploits Active since Oct 2006
CVE-2006-7132 EXPLOITDB perl WORKING POC
PHPMyDesk 1.0beta - Directory Traversal via pmdlang Parameter
Directory traversal vulnerability in pmd-config.php in PHPMyDesk 1.0beta allows remote attackers to include arbitrary local files via the pmdlang parameter to viewticket.php.
CVE-2006-5505 EXPLOITDB perl WORKING POC
2BGal 3.0 - Remote PHP File Inclusion via Lang Parameter
Multiple PHP file inclusion vulnerabilities in 2BGal 3.0 allow remote attackers to execute arbitrary PHP code via the lang parameter to (1) admin/configuration.inc.php, (2) admin/creer_album.inc.php, (3) admin/changepwd.php.inc, and unspecified other files. NOTE: the provenance of this information is unknown; the details are obtained from third party information.