Coppermine Photo Gallery 1.4.22 - SQL Injection

!/usr/bin/perl Coppermine Photo Gallery '; banner; $lwp-defaultheader'Accept-Language: en-us,en;q=0.5'; my $html = injrequest' WHERE x'; Wrong query to obtain an error ifnot defined $html print "- Request mistake. Exploit terminated!\n"; exit ; elsif$html = /There was an error while processing a...

Copermine Photo Gallery 1.4.22 LFI / SQL Injection

!/usr/bin/perl Coppermine Photo Gallery '; banner; $lwp-defaultheader'Accept-Language: en-us,en;q=0.5'; my $html = injrequest' WHERE x'; Wrong query to obtain an error ifnot defined $html print "- Request mistake. Exploit terminated!\n"; exit ; elsif$html = /There was an error while processing a...

CVE-2009-1559

Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the thisfile parameter. NOTE: traversal via a .. dot dot is probably als...

Path traversal

Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the thisfile parameter. NOTE: traversal via a .. dot dot is probably als...

CVE-2009-1559

The CVE-2009-1559 entry relates to an absolute path traversal vulnerability in the adm/file.cgi component of the Cisco Linksys WVC54GCA wireless video camera. Affected firmware is listed as 1.00R24 and possibly 1.00R22. The vulnerability allows remote attackers to read arbitrary files by supplyin...

CVE-2009-1559

Absolute path traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R24 and possibly 1.00R22 allows remote attackers to read arbitrary files via an absolute pathname in the thisfile parameter. NOTE: traversal via a .. dot dot is probably als...

Mandriva Update for tomcat5 MDKSA-2007:241 (tomcat5)

Check for the Version of tomcat5 OpenVAS Vulnerability Test Mandriva Update for tomcat5 MDKSA-2007:241 tomcat5 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Path traversal

Absolute path traversal vulnerability in phpcksec.php in Stefan Ott phpcksec 0.2.0 allows remote attackers to list arbitrary directories and read arbitrary files via a full pathname in the file parameter...

CVE-2008-6610

CVE-2008-6610 affects Stefan Ott’s phpcksec 0.2.0 via an absolute path traversal in phpcksec.php. An attacker can remote read files and list arbitrary directories by supplying a full pathname in the file parameter. This is the stated vulnerability and impact in multiple sources (CVE/NVD). The ava...

Path traversal

Absolute path traversal vulnerability in upload.php in Rapidleech rev.36 and earlier allows remote attackers to read arbitrary files via a base64-encoded absolute path in the filename parameter...

CVE-2009-0753

Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" double slash in the filename...

CVE-2009-0753

CVE-2009-0753 affects MLDonkey 2.8.4–2.9.7 where the web interface mishandles filenames with leading //, enabling a remote attacker to read arbitrary files. Gentoo GLSA-200903-36 and Debian/Fedora advisories document this as an information-disclosure vulnerability via the web interface. The recom...

CVE-2008-6002

Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when registerglobals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parameter...

Path traversal

Absolute path traversal vulnerability in admin/fileKontrola/browser.asp in Omnicom Content Platform OCP 2.0 allows remote attackers to list arbitrary directories via a full pathname in the root parameter...

Path traversal

Absolute path traversal vulnerability in sendfile.php in web-cp 0.5.7, when registerglobals is enabled, allows remote attackers to read arbitrary files via a full pathname in the filelocation parameter...

CVE-2008-5997

CVE-2008-5997: Absolute path traversal in Omnicom Content Platform (OCP) 2.0 — vulnerable code path is admin/fileKontrola/browser.asp. The root parameter can be used remotely to enumerate directories. Connected sources confirm the vulnerability and impact (directory listing/CONF disclosure); no e...

Teach you how to get hzhost installation absolute path-vulnerability warning-the black bar safety net

There are some friends in to see my hzhost invasion series of articles,also encountered the catalog is not in the D drive difficulties. I'm in theand then burst hzhost the virtual host of the sql injection vulnerabilitymentioned,can be put in the registry to store the absolute path value is updat...

Path traversal

Absolute path traversal vulnerability in front-end/dir.php in mini-pub 0.3 and earlier allows remote attackers to list arbitrary directories via a full pathname in the sDir parameter...

CVE-2008-5883

CVE-2008-5883 describes an absolute path traversal in mini-pub (front-end/dir.php) prior to version 0.3, where a full pathname supplied in the sDir parameter allows remote attackers to list arbitrary directories. Documents confirm the affected component and root cause; exploitation details are no...

CVE-2008-5579

The CVE-2008-5579 entry applies to mini-pub 0.3, affecting the file mini-pub.php/front-end/cat.php. The issue is an absolute path traversal vulnerability that allows remote attackers to read arbitrary files by supplying a full pathname in the sFileName parameter. This is a straightforward input-v...