178 matches found
CVE-2008-2220
Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 CONFIGLANGUAGECPATH parameter to modules/forum/embedforum.php and the 2...
CVE-2008-2220
CVE-2008-2220 affects Interact Learning Community Environment Interact 2.4.1. The vulnerability arises when register_globals is enabled and enables remote PHP code execution via remote file inclusion. Specifically, an attacker can supply a URL via CONFIG[LANGUAGE_CPATH] to modules/forum/embedforu...
CVE-2008-2220
Multiple PHP remote file inclusion vulnerabilities in Interact Learning Community Environment Interact 2.4.1, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 CONFIGLANGUAGECPATH parameter to modules/forum/embedforum.php and the 2...
interact 2.4.1 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. -========================================== ViVa Islam + YeMeN ====================================- Name : interact 2.4.1 Multiple Remote RFI Vulnerabiliy Download From : http://puzzle.dl.sourceforge.net/sourceforge/cce-interact/interact-2-4-1.tar.gz Found By :...
interact 2.4.1 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ============================================================= interact 2.4.1 Multiple Remote File Inclusion Vulnerabilities ============================================================= -========================================== ViVa Isla...
Interact 2.4.1 - Multiple Remote File Inclusions
Interact 2.4.1 - Multiple Remote File Inclusions -========================================== ViVa Islam + YeMeN ====================================- Name : interact 2.4.1 Multiple Remote RFI Vulnerabiliy Download From :...
Interact 2.4.1 - Multiple Remote File Inclusions
-========================================== ViVa Islam + YeMeN ====================================- Name : interact 2.4.1 Multiple Remote RFI Vulnerabiliy Download From : http://puzzle.dl.sourceforge.net/sourceforge/cce-interact/interact-2-4-1.tar.gz Found By : RoMaNcYxHaCkEr RoMaNTiC-TeaM...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2007-3328...
CVE-2007-4177
Multiple cross-site scripting XSS vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2007-3328...
CVE-2007-4177
Multiple cross-site scripting XSS vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: this might overlap CVE-2007-3328...
CVE-2007-4177
CVE-2007-4177: Multiple cross-site scripting (XSS) vulnerabilities in Interact before 2.4 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. The linked record notes potential overlap with CVE-2007-3328. Public details in the provided documents do not specify th...
CVE-2007-3328
Multiple cross-site scripting XSS vulnerabilities in Interact 2.4 beta 1 allow remote attackers to inject arbitrary web script or HTML via the 1 modulekey parameter to a kb/kb.php, b quiz/runquiz.php, c quiz/quiz.php, d forum/forum.php, e forum/byname.php, and f journal/journalview.php in modules...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in Interact 2.4 beta 1 allow remote attackers to inject arbitrary web script or HTML via the 1 modulekey parameter to a kb/kb.php, b quiz/runquiz.php, c quiz/quiz.php, d forum/forum.php, e forum/byname.php, and f journal/journalview.php in modules...
CVE-2007-3328
Multiple cross-site scripting XSS vulnerabilities in Interact 2.4 beta 1 allow remote attackers to inject arbitrary web script or HTML via the 1 modulekey parameter to a kb/kb.php, b quiz/runquiz.php, c quiz/quiz.php, d forum/forum.php, e forum/byname.php, and f journal/journalview.php in modules...
CVE-2007-3328
CVE-2007-3328 affects Interact 2.4 beta 1 and is described as multiple XSS vulnerabilities. The vulnerable components are in Interact modules: (1) module_key parameter used by kb/kb.php, quiz/runquiz.php, quiz/quiz.php, forum/forum.php, forum/byname.php, journal/journalview.php; (2) tag_key param...
Interact multiple XSS vuln.
Interact multiple XSS vuln. Vuln. discovered by : r0t Date: 21 June 2007 vendor:www.interactole.org orginal advisory: http://pridels-team.blogspot.com/2007/06/interact-multiple-xss-vuln.html affected versions: tested on "Interact 2.4 beta 1" other versions also can be affected. Interact contains ...
Interact远程文件包含漏洞
Interact是一款基于PHP的WEB应用程序。 Interact不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于多个脚本对用户提交的'CONFIGBASEPATH'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Interact Learning Community Environment Interact 2.2 http://www.interactlms.org/spaces/space.php?spacekey=1&javascript=1...
CVE-2006-4448
Multiple PHP remote file inclusion vulnerabilities in interact 2.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 CONFIGBASEPATH parameter in a admin/autoprompter.php and b includes/common.inc.php, and the 2 CONFIGLANGUAGECPATH parameter ...
CVE-2006-4448
CVE-2006-4448 concerns PHP remote file inclusion in Interact 2.2/2.x when register_globals is on. The vulnerable vectors are (1) CONFIG[BASE_PATH] via admin/autoprompter.php and includes/common.inc.php, and (2) CONFIG[LANGUAGE_CPATH] via admin/autoprompter.php. This allows arbitrary PHP code exec...
CVE-2006-4448
Multiple PHP remote file inclusion vulnerabilities in interact 2.2, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 CONFIGBASEPATH parameter in a admin/autoprompter.php and b includes/common.inc.php, and the 2 CONFIGLANGUAGECPATH parameter ...