Mambo Component multibanners 1.0.1 - Remote File Inclusion

Mambo Component multibanners 1.0.1 - Remote File Inclusion SolpotCrew Community Com Multibanners Remote File Inclusion mosConfigabsolutepath original advisory : http://solpotcrew.org/adv/BlueSpy-adv-multibanners.txt Bug Found By :Blue|Spy contact: [email protected] Website : http://kunamgede.biz,...

EUVD-2006-3765

Multiple PHP remote file inclusion vulnerabilities in component.php in iManage CMS 4.0.12 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter to 1 articles.php, 2 contact.php, 3 displaypage.php, 4 faq.php, 5 mainbody.php, 6 news.php, 7...

Directory traversal

Absolute path directory traversal vulnerability in 1 MERAK Mail Server for Windows 8.3.8r with before IceWarp Web Mail 5.6.1 and 2 VisNetic MailServer before 8.5.0.5 allows remote authenticated users to include arbitrary files via a modified language parameter and a full Windows or UNC pathname i...

MiniBB 1.5 - 'news.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/19095/info MiniBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context o...

calendar157.txt

--------------------------------------------------------------------------------- Calendar Module = 1.5.7 Remote File Include Vulnerabilities --------------------------------------------------------------------------------- Author : Matdhule Contact : [email protected] Application : Calendar...

MiniBB Mambo Component <= 1.5a Remote File Include Vulnerabilities

No description provided by source. --------------------------------------------------------------------------------------------- MiniBB Forum Mambo Component = 1.5a Remote File Include Vulnerabilities -----------------------------------------------------------------------------------------------...

CVE-2006-3488

Absolute path traversal vulnerability in administrador.asp in VirtuaStore 2.0 allows remote attackers to possibly read arbitrary directories or files via an absolute path with Windows drive letter in the Pasta parameter when link=util, acao=ftp, and acaba=sim...

DCP-Portal.txt

Kurdish Security Advisory irc.gigachat.net kurdhack http://www.milw0rm.com/exploits/1905 Editor DHTML Scripting bugz $urlpatheditor = "$rooturl/library/editor/"; $abspatheditor = "$root/library/editor/"; ? Proof Of Concept...

CVE-2006-2982

Multiple PHP remote file inclusion vulnerabilities in Enterprise Timesheet and Payroll Systems EPS 1.1 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in 1 footer.php and 2 admin/footer.php...

CVE-2006-2983

PHP remote file inclusion vulnerability in Enterprise Timesheet and Payroll Systems EPS 1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the absolutepath parameter in cal.php. NOTE: the provenance of this information is unknown; the details are obtained solely fr...

CVE-2006-2633

The CVE-2006-2633 entry describes an absolute path traversal in ByteHoard 2.1 and earlier, where the copy action in index.php can be exploited by remote authenticated users to create or overwrite files in other users’ directories by supplying the absolute directory path in infolder and the filena...

Directory traversal

Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter...

Directory traversal

Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to 1 index.php and 2 galerie.php...

CVE-2006-2295

Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to 1 index.php and 2 galerie.php...

CVE-2006-2295

CVE-2006-2295 describes a directory traversal vulnerability in Dynamic Galerie 1.0. The flaw allows remote attackers to access arbitrary files by supplying an absolute path in the pfad parameter to (1) index.php or (2) galerie.php. The root cause is insufficient validation/sanitization of the pat...

Directory traversal

Directory traversal vulnerability in admin/folders/saveuploadfiles.asp in Hosting Controller 2002 RC 1 allows remote authenticated users to overwrite arbitrary files via an absolute path in the OpenPath parameter...

CVE-2006-1621

CVE-2006-1621 describes a directory traversal vulnerability in Hosting Controller 2002 RC 1, affecting the admin/folders/saveuploadfiles.asp handler. The flaw allows remote authenticated users to overwrite arbitrary files by supplying an absolute path in the OpenPath parameter, enabling potential...

Path traversal

Absolute path traversal vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder...

CVE-2006-1161

Absolute path traversal vulnerability in Easy File Sharing EFS Web Server 3.2 allows remote registered users to execute arbitrary code by uploading a malicious file to the Windows startup folder...

Path traversal

CubeCart 3.0 through 3.6 does not properly check authorization for an administration session because of a missing auth.inc.php include, which results in an absolute path traversal vulnerability in FileUpload in connector.php aka upload.php that allows remote attackers to upload arbitrary files vi...