OpenDock Easy Gallery 1.4 - 'doc_directory' File Inclusion

ECHOADV52$2006 ----------------------------------------------------------------------------------------------- ECHOADV52$2006OpenDock Easy Gallery =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

OpenDock Easy Gallery <= 1.4 (doc_directory) File Include Vulnerabilities

No description provided by source. ECHOADV52$2006 ----------------------------------------------------------------------------------------------- ECHOADV52$2006OpenDock Easy Gallery =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

OpenDock Easy Doc <=1.4 (doc_directory) File Include Vulnerabilities

Exploit for unknown platform in category web applications ==================================================================== OpenDock Easy Doc =1.4 docdirectory File Include Vulnerabilities ==================================================================== ECHOADV49$2006...

OpenDock Easy Doc 1.4 - doc_directory File Inclusion

OpenDock Easy Doc 1.4 - docdirectory File Inclusion ECHOADV49$2006 ----------------------------------------------------------------------------------------------- ECHOADV49$2006OpenDock Easy Doc =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

OpenDock Easy Blog <=1.4 (doc_directory) File Include Vulnerabilities

Exploit for unknown platform in category web applications ===================================================================== OpenDock Easy Blog =1.4 docdirectory File Include Vulnerabilities ===================================================================== ECHOADV50$2006...

OpenDock Easy Doc &lt;=1.4 (doc_directory) File Include Vulnerabilities

No description provided by source. ECHOADV49$2006 ----------------------------------------------------------------------------------------------- ECHOADV49$2006OpenDock Easy Doc =1.4 docdirectory Multiple Remote File Inclusion Vulnerability...

PHPSelect.txt

+-------------------------------------------------------------------- + + PHPSelect Web Development Division : = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: PHPSelect Web Development Division + Venedor ...........:...

CVE-2006-5118

PHP remote file inclusion vulnerability in index.php3 in the PDD package for PHPSelect Web Development Division allows remote attackers to execute arbitrary PHP code via a URL in the ApplicationRoot parameter...

CVE-2006-5118

PHP remote file inclusion vulnerability in index.php3 in the PDD package for PHPSelect Web Development Division allows remote attackers to execute arbitrary PHP code via a URL in the ApplicationRoot parameter...

PHPSelect Web Development Division &lt;= Remote File Inclusion

+-------------------------------------------------------------------- + + PHPSelect Web Development Division : = Remote File Inclusion + +-------------------------------------------------------------------- + + Affected Software .: PHPSelect Web Development Division + Venedor ...........:...

PHPSelect Web Development - &#039;index.php3&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/20231/info PHPSelect Web Development is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affect...

ColdFusion MX Server Detection

The remote host is running Macromedia ColdFusion MX, a commercial application server and website development framework. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid22361; scriptversion"1.14";...

SOL6592 - Cross-Site Scripting vulnerability in the logon page

A cross-site scripting XSS vulnerability exists in the FirePass logon page. The affected FirePass logout URL fails to fully sanitize URL input before the web page content is sent to the browser. It is possible for an attacker to create web pages or emails with URLs that include executable code or...

JVN#99776858 Multiple vulnerabilities in Webmin and Usermin

Impact A remote attacker could conduct the followings: Steal Webmin and Usermin's configuration information Execute an arbitrary script on the user's web browser Possibly conduct a session hijack attack if session information from a cookie is leaked Solution Products Affected Webmin 1.290 and...

SquirrelMail 1.4.8 released - fixes variable overwriting attack

Hello all, Today SquirrelMail version 1.4.8 has been released with a collection of bugfixes and an important security fix. It was possible for an authenticated user to overwrite random variables in the compose.php script. This may open up possible attack vectors like reading or overwriting a user...

MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls

Overview Privilege escalation vulnerabilities in MIT krb5 krshd and v4rcp may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 krshd and v4rcp programs contain multiple privilege escalation vulnerabilities. MIT krb5 Security Advisory 2006-001 states that the...

DSA-1141-1 gnupg2 - integer overflow

Bulletin has no description...

JavaScript code can cause the browser attack-vulnerability warning-the black bar safety net

Security researchers have found a Use JavaScript to scan the family and the enterprise network, and attacks on the network server, and the router and printer and other equipment of the method. Researchers say the malicious JavaScript code can be embedded in a Web page, use the browser to browse t...

CVE-2006-3521

The CVE describes multiple cross-site scripting (XSS) vulnerabilities in SiteForge Collaborative Development Platform, specifically in index/siteforge-bugs-action/proj.siteforge, affecting version 1.0.4 and earlier. The issue arises from unescaped user-controlled input via the parameters _status,...

SOL5725 - pam_ldap password policy control vulnerability CAN-2005-2641

The pamldap authentication module may allow clients to authenticate with lower security ciphers than are normally required when the clients have been referred from another LDAP server. F5 Product Development tracked this issue as CR54024 and it was fixed in BIG-IP LTM 9.1.3 for the 9.1 software...