SA-CONTRIB-2013-046 - Filebrowser - Reflected Cross Site Scripting (XSS)

Filebrowser module allows site administrators to expose a particular file system folder and all of its subfolders with an FTP-like interface to site visitors. The module doesn't sufficiently sanitize user input when presenting lists of files. Because the vulnerability is Reflected Cross Site...

Kohana Framework v2.3.3 - Directory Traversal Vulnerability

Title: ====== Kohana Framework v2.3.3 - Directory Traversal Vulnerability Date: ===== 2013-01-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=841 VL-ID: ===== 837 Common Vulnerability Scoring System: ==================================== 7.1 Introduction: ============...

Kohana Framework 2.3.3 - Directory Traversal

Kohana Framework 2.3.3 - Directory Traversal Title: ====== Kohana Framework v2.3.3 - Directory Traversal Vulnerability Date: ===== 2013-01-27 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=841 VL-ID: ===== 837 Common Vulnerability Scoring System:...

Kohana v2.3.3 - Directory Traversal Vulnerability

Document Title: =============== Kohana v2.3.3 - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=841 Release Date: ============= 2013-01-26 Vulnerability Laboratory ID VL-ID: ==================================== 837 Commo...

Kohana v2.3.3 - Directory Traversal Vulnerability

Document Title: =============== Kohana v2.3.3 - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=841 Release Date: ============= 2013-01-26 Vulnerability Laboratory ID VL-ID: ==================================== 837 Commo...

GetSimple CMS 3.1.2 Local File Inclusion / Path Disclosure

=========================================================================== Author: PuN!Sh3r Vulnerable Software: GetSimple CMS v 3.1.2 Official Site: http://get-simple.info/download/ =========================================================================== Hi to All.. We have Path Disclosure...

Directory traversal

Directory traversal vulnerability in admin/filebrowser.asp in A-shop 0.70 and earlier, and possibly 0.71, allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter...

CVE-2007-3936

CVE-2007-3936 describes a directory traversal vulnerability in admin/filebrowser.asp of the A-shop software, affecting version 0.70 and earlier, and possibly 0.71. The issue allows remote attackers to delete arbitrary files via unspecified filename references in the delfiles parameter. The connec...

CVE-2007-1167

inc/filebrowser/browser.php in deV!Lz Clanportal DZCP 1.4.5 and earlier allows remote attackers to obtain MySQL data via the inc/mysql.php value of the file parameter...