422 matches found
Directory traversal
Directory traversal vulnerability in download.php in Audio Article Directory allows remote attackers to read arbitrary files via directory traversal sequences in the file parameter...
Audio Article Directory - file Remote File Disclosure
Audio Article Directory - file Remote File Disclosure + Audio Article Directory Remote File Disclosure Vulnerability + Discovered By ThE g0bL!N Vendor:http://audioarticledirectory.com Poc --- Download.php one header'Content-Description: File Transfer'; header'Content-Type:...
Audio Article Directory (file) Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications =================================================================== Audio Article Directory file Remote File Disclosure Vulnerability =================================================================== + Audio Article Directory Remote File...
Audio Article Directory (file) Remote File Disclosure Vulnerability
No description provided by source. + Audio Article Directory Remote File Disclosure Vulnerability + Discovered By ThE g0bL!N Vendor:http://audioarticledirectory.com Poc --- Download.php ? $file = "./".$GET'file'; = one header'Content-Description: File Transfer'; header'Content-Type:...
Kasseler CMS - File Disclosure / Cross-Site Scripting
X X X X A K KK NN N EEEEEE TTTTTTTT X X A A K K N N N E TT XX AAAAA KK N N N EEE TT X X A A K K N N N E TT X X A A K KK N NN EEEEEE TT X X Author: Sr1pt - xaknet.ru GreetZ to all users xaknet.ru, especial: baltazar, Saint, X1mer@, Trash, Ic3, G1yuk, NEXGEN, ErrNick, deface and other .. Kasseler-C...
CVE-2009-1768
Directory traversal vulnerability in download.php in Rama Zaiten CMS 0.9.8 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
ZaoCMS (download.php) Remote File Disclosure Vulnerability
No description provided by source. -------------------------------------------------------------- ZaoCMS Remote File Disclosure Vulnerability --------------------------------------------------------------- Founder :ThE g0bL!N Home:http://www.zaocms.com/ Software : ZaoCMS Note: The OperatIon Worke...
ZaoCMS (download.php) Remote File Disclosure Vulnerability
Exploit for unknown platform in category web applications ========================================================== ZaoCMS download.php Remote File Disclosure Vulnerability ========================================================== --------------------------------------------------------------...
Rama CMS <= 0.9.8 (download.php file) File Disclosure Vulnerability
No description provided by source. Start info: Script Name: Rama Zaitan Cms Script Project: http://sourceforge.net/project/showfiles.php?groupid=212495&packageid=255 590 Download: http://sourceforge.net/project/downloading.php?groupid=212495&filename=cms 975.zip&a=5782381 0.9.5 = Versions =0.9.8 ...
Rama CMS <= 0.9.8 (download.php file) File Disclosure Vulnerability
Exploit for unknown platform in category web applications =================================================================== Rama CMS Vul header'Content-Disposition: attachment; filename='.$file; switch $GET'type' case 'Doc': header 'Content-type: application/msword'; break; case 'Excel': header...
Rama CMS 0.9.8 - download.php File Disclosure
Rama CMS 0.9.8 - download.php File Disclosure Start info: Script Name: Rama Zaitan Cms Script Project: http://sourceforge.net/project/showfiles.php?groupid=212495&packageid=255590 Download: http://sourceforge.net/project/downloading.php?groupid=212495&filename=cms975.zip&a=5782381 0.9.5 Vul...
Rama CMS 0.9.8 - 'download.php' File Disclosure
Start info: Script Name: Rama Zaitan Cms Script Project: http://sourceforge.net/project/showfiles.php?groupid=212495&packageid=255590 Download: http://sourceforge.net/project/downloading.php?groupid=212495&filename=cms975.zip&a=5782381 0.9.5 Vul header'Content-Disposition: attachment;...
CVE-2008-6334
Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...
Directory traversal
Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...
CVE-2008-6336
CVE-2008-6336 affects the Text Lines Rearrange Script 1.0 and is a directory traversal vulnerability in download.php. When register_globals is enabled, an attacker can read arbitrary local files by supplying directory traversal sequences in the filename parameter. The connected documents corrobor...
CVE-2008-6288
Directory traversal vulnerability in download.php in Interface Medien ibase 2.03 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 page and 2 query parameters to a index.php, 3 cat and 4 file parameters to b download.php, 5 gal parameter to gallery.php, and the 6 URL to...
CVE-2008-6127
Multiple cross-site scripting XSS vulnerabilities in moziloCMS 1.10.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 page and 2 query parameters to a index.php, 3 cat and 4 file parameters to b download.php, 5 gal parameter to gallery.php, and the 6 URL to...
CVE-2008-6127
CVE-2008-6127 affects moziloCMS
CVE-2008-5766
CVE-2008-5766 describes an SQL injection vulnerability in the download.php endpoint of the Farsi Script Faupload application, exploitable via the troubled id parameter to run arbitrary SQL commands. Root cause: unsafely constructed SQL queries that incorporate user input without adequate sanitiza...