In PHP 5.2.0 it is possible to bypass safe_mode using writing mode.
146c4e06b2914516d79cb83afd2fb7356244433c4db5e34e399e6cdc488eaca4PHP 5.2.0 suffers from a bypass vulnerability in session.save_path safe_mode and open_basedir.
1f05ac2e906ef1f0128077bb48afea5c3b72a3fa8b5420fc64dd1130473063a8PHP versions 5.1.6 and below and versions 4.4.4 and below suffer from a php_admin* bypass via ini_restore().
5a825a95a6a2e241648770d4d2394bbd9e9749e4f22bb1376ad2bca0651d2277It is possible to use the error_log function to bypass safe mode in PHP 5.1.4 and 4.4.2
69dcde6236188d1a1843507726eaab7b5d146ea0cda8bb889b32fc10c645b338It appears that there may be a safe mode bypass via error_log() in PHP versions 5.1.4 and 4.4.2.
c6f9c7254b26d331e6110e668cae4d3caae2f637d4f4cd180b3663b45d4a142dIn PHP 5.1.4 it is possible to create a file with any name by exploiting a vulnerability in tempnam().
bab989edac8b4f3f2fbf7e79979276e58536f687cf9acdf27e2821d3ca064565It is possible to bypass safe mode in PHP 4.4.2 and 5.1.4 by using the cURL library.
eba31ea55a15a1de800cc0128b61c8e37eeb88095d17345ce36c9a70dcc1db02phpBB version 2.0.20 suffers from full path disclosure and SQL errors.
f038ea39ebfcb19fdba73fba1e5223155e5b79addf97f621d56e5d29f6268420It is possible to bypass the open_basedir restriction in PHP 4.4.2 and 5.1.2 by using the tempnam() function.
f538262704c21a70a6e2d64df6548a15f178d6808a99ab84feba29ddc913d87fIt is possible to crash php and possibly apache by using a recursive function call. Tested on PHP 4.4.2 and 5.1.2.
629e887103a607ea88675761f74bad078c61e2d2c8db6ebab560d5d9890a5b87PHP 4.4.2 and 5.1 allows for a safe mode bypass via the copy() function.
e61c4b8601115e3b07ad0f6eb72b0832ffcff46804cbfef6a2c12db9fdcc6a03phpinfo() in PHP 5.1.2 and 4.4.2 suffers from a XSS vulnerability.
9955b8c58a297e95b17dd458fac33b5f9fdec78ea074960b389f9b29b3c05c08PostNuke versions less than or equal to 0.761 suffer from SQL injection and XSS if magic_quotes_gpc is off.
a604b558c6e92ba6deb8ee048543b0d78e6b50ac84af760916dc75f0b78271c7phpBB 2.0.19 suffers from several Cross Site Request Forgeries and XSS vulnerabilities. Detailed exploitation provided.
36244d0f29ea85a82eb2aee292986ca0e89de4e9442204575d28b918fa6e808aphpBB 2.0.18 is susceptible to cross site scripting and path disclosure issues.
e1df557dc552d0f29527c2970c4b3bd38e24684dc6429892295fcf7bbdeab84dPHPNUKE versions 7.9 and below suffer from a cross site scripting filter bypass vulnerability. Details provided.
b822066411260c1bad7f9ab633bb20601f987a203ef129643115c960a7336b8cphpMyAdmin 2.6.4-pl1 is susceptible to a local file inclusion vulnerability.
7e9e234acd7dc588242bf4e36dd317e113de0f0f7dcc551856ae9eaa3ebac46bGeSHi version 1.0.72 is susceptible to a local file inclusion vulnerability.
1b769d2ceebbe29458133f77b4b4f3c635e125a1a866a8a371bdfc04f5cfe7dfPostNuke 0.760 suffers from cross site scripting and SQL injection vulnerabilities.
db0ff0cb54efaab2f793cc7e9f64870bb6ca7bb1eabc75f10fe944a4c07d26bephpAdsNew and phpPgAds versions 2.0.5 and below suffer from an arbitrary file inclusion flaw. Detailed exploitation provided.
6833a14c5428a1ab7069a247b24dedc54ba6daa383bffdce736f79ab0ab23c66Postnuke versions 0.760RC3 and below suffer from SQL injection attacks.
d3af81e0fc22d49f4eaec7866a406567c5653a2db0e52361ec350a5075b14188Postnuke versions 0.760RC3 and below suffer from cross site scripting and path disclosure flaws.
66ddf9e4e255853e95f73457bdca13fd14f34ad15d3055d1961499c6d00b4af7Postnuke versions 0.750 and below suffer from SQL injection flaws.
8fc3d61af2f62298fa9053aa283fdf4a3d664c16d3dc97510075482c7e0df365PHPNuke 7.6 is susceptible to multiple SQL injection vulnerabilities in the Web_Links module cXIb803.14.
60d72dd7277f7f18f9bc11e7c141afad2bbe83ef23916ed5d81d6bac84512910PHPNuke 7.6 is susceptible to multiple SQL injection vulnerabilities in the Downloads module cXIb803.13.
edd182cbf088c1e3d61aad3bb195dc0aee217341ddd31ba25ce407e364dbf7e8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed