ProManager 0.73 (config.php) Local File Inclusion Vulnerability

No description provided by source. -------------------------------------- Pro Manager 0.73 Local File Inclusion Vuln -------------------------------------- http://www.sfr-fresh.com/unix/privat/proManager-0.73.tar.gz -------------------------------------- By : Stack email : Wanted...

Cross site scripting

Cross-site scripting XSS vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the...

CVE-2008-2527

Cross-site scripting XSS vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the...

CVE-2008-2527

Cross-site scripting XSS vulnerability in view.php in ActualScripts ActualAnalyzer Server 8.37 and earlier, ActualAnalyzer Gold 7.74 and earlier, ActualAnalyzer Pro 6.95 and earlier, and ActualAnalyzer Lite 2.78 and earlier allows remote attackers to inject arbitrary web script or HTML via the...

Directory traversal

Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the language parameter in a language action to the default URI, which is not properly handled in actions/language.act.php, or 2 the action...

CVE-2008-1908

Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the language parameter in a language action to the default URI, which is not properly handled in actions/language.act.php, or 2 the action...

CVE-2008-1908

Multiple directory traversal vulnerabilities in cpCommerce 1.1.0 allow remote attackers to include and execute arbitrary local files via a .. dot dot in 1 the language parameter in a language action to the default URI, which is not properly handled in actions/language.act.php, or 2 the action...

Directory traversal

Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote attackers to read arbitrary local files via a .. dot dot in the 1 language and 2 lang parameters...

CVE-2008-1751

Multiple directory traversal vulnerabilities in index.php in Ksemail allow remote attackers to read arbitrary local files via a .. dot dot in the 1 language and 2 lang parameters...

Directory traversal

Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

CVE-2008-1493

Directory traversal vulnerability in login.php in Cuteflow Bin 1.5.0 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

Directory traversal

Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

CVE-2008-0794

Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

CVE-2008-0794

Directory traversal vulnerability in user/header.php in Affiliate Market 0.1 BETA allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

Directory traversal

Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...

CVE-2007-6188

Multiple directory traversal vulnerabilities in TuMusika Evolution 1.7R5 allow remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter to 1 languagesn.php, 2 languagesf.php, or 3 languages.php in inc/; and 4 allow remote attackers to read arbitrary...

Claroline inc/lib/language.lib.php language Parameter Traversal Local File Inclusion

The version of Claroline installed on the remote host fails to sanitize user-supplied input to the 'language' parameter before using it to include PHP code in the 'loadtranslation' method in 'claroline/inc/lib/language.lib.php'. Regardless of PHP's 'registerglobals' setting, an unauthenticated,...

Directory traversal

Directory traversal vulnerability in inc/lib/language.lib.php in Claroline before 1.8.6 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...

CVE-2007-4718

Claroline is affected by a Directory Traversal (CVE-2007-4718) in inc/lib/language.lib.php where the language parameter is unsafely used to include files. Versions before 1.8.6 are vulnerable to Local File Inclusion, allowing remote attackers to view arbitrary files or execute PHP code on the ser...

Directory traversal

Directory traversal vulnerability in activateuser.php in 2532|Gigs 1.2.1 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the language parameter...