826 matches found
LittleSite 0.1 'file' Parameter Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/43495/info LittleSite is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to...
OsClass 3.4.1 (index.php, file param) - Local File Inclusion
No description provided by source...
Splunk collect file Directory Traversal (CVE-2013-6771)
A directory traversal vulnerability has been found in Splunk. The vulnerability is due to insufficient sanitization of user-provided input to the advanced search functionality in the "file" parameter of the "collect" script...
WordPress SCv1 Theme - Local File Disclosure
Estrutura Basica themes are prone to a local file disclosure vulnerability via the "file" parameter. Solution: Update the theme...
CVE-2014-3064
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to read arbitrary files via a crafted UNIX file parameter...
Design/Logic Flaw
The GDS component in IBM InfoSphere Master Data Management - Collaborative Edition 10.x and 11.x before 11.0 FP4 and InfoSphere Master Data Management Server for Product Information Management 9.0 and 9.1 allows remote authenticated users to read arbitrary files via a crafted UNIX file parameter...
Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability
No description provided by source. ECHOADV94$2008 Kmita Mail <= 3.0 (file) Remote File Inclusion Vulnerability...
dompdf 0.6.0 beta1 - Remote File Inclusion Vulnerability
No description provided by source. Exploit Title: apps dompdf RFI Vulnerability; Date: 01 September 2010; Author: AndreCorleone; Softwar...
Directory traversal
Multiple directory traversal vulnerabilities in PHP-Fusion before 7.02.06 allow remote authenticated users to include and execute arbitrary files via a .. (dot dot) in the (1) user_theme parameter to maincore.php; or remote authenticated administrators to delete arbitrary files via the (2) enable...
CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
UBUNTU-CVE-2014-2383
dompdf.php in dompdf before 0.6.1, when DOMPDF_ENABLE_PHP is enabled, allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input_file parameter, as demonstrated by a php://filter/read=convert.base64-encode/resource in the...
PT-2014-4669 · Dompdf · Dompdf
Name of the Vulnerable Software and Affected Versions: dompdf versions prior to 0.6.1 Description: The issue allows context-dependent attackers to bypass chroot protections and read arbitrary files via a PHP protocol and wrappers in the input file parameter. This can be demonstrated by using a...
Cross site scripting
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.x before 4.5.7 allow remote attackers to inject arbitrary web script or HTML via (1) a crafted iCalendar file to the calendar application, the (2) dir or (3) file parameter to apps/files_pdfviewer/viewer.php, or the (4) mountpoint parameter...
Cross site scripting
Cross-site scripting (XSS) vulnerability in flashmediaelement.swf in MediaElement.js before 2.11.2, as used in ownCloud Server 5.0.x before 5.0.5 and 4.5.x before 4.5.10, allows remote attackers to inject arbitrary web script or HTML via the file parameter...
WebPagetest 'file' parameter Local File Disclosure Vulnerability
WebPagetest is prone to a local file disclosure vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
PT-2023-11526 · Suricata +3 · Suricata +3
Name of the Vulnerable Software and Affected Versions: Pfsense version 2.1.3 Pfsense Suricata version 1.4.6 pkg version 1.0.1 Description: A Directory Traversal issue allows a remote attacker to obtain sensitive information via the file parameter to the "suricata/suricata_logs_browser.php"...
UBUNTU-CVE-2013-5588
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php...
Cross site scripting
Cross-site scripting (XSS) vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter...
CVE-2013-0125
Cross-site scripting (XSS) vulnerability in fileview.asp in C2 WebResource allows remote attackers to inject arbitrary web script or HTML via the File parameter...