Lucene search
K

292 matches found

Cvelist
Cvelist
added 2008/01/25 3:0 p.m.16 views

CVE-2008-0459

Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the update parameter...

7.1AI score0.01915EPSS
Exploits1References5
CVE
CVE
added 2008/01/25 3:0 p.m.39 views

CVE-2008-0459

CVE-2008-0459 affects Liquid-Silver CMS 0.35. A directory traversal flaw in update/index.php allows remote attackers to include and execute arbitrary local files via .. in the update parameter when magic_quotes_gpc is disabled. Root cause: inadequate input sanitization leading to local file inclu...

6.8CVSS7.2AI score0.01915EPSS
Exploits1References5Affected Software1
seebug.org
seebug.org
added 2008/01/25 12:0 a.m.12 views

Liquid-Silver CMS 'update/index.php'本地文件包含漏洞

BUGTRAQ ID: 27425 CNCAN ID:CNCAN-2008012403 Liquid-Silver CMS是一款基于PHP的WEB应用程序。 Liquid-Silver CMS不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是由于'update/index.php'脚本对用户提交的'update'参数处理缺少充分过滤,提交本地系统文件作为包含对象,可导致以WEB权限查看系统文件内容。 Liquid-Silver CMS Liquid-Silver CMS 0.3 目前没有详细解决方案提供:...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2008/01/24 12:0 a.m.17 views

liquidsilver-lfi.txt

Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of file exploit : /Script/update/index.php?update=/nam...

7.4AI score
Exploits0
0day.today
0day.today
added 2008/01/23 12:0 a.m.36 views

Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= Liquid-Silver CMS 0.1 update Local File Inclusion Vulnerability ================================================================= Liquid-Silver CMS Local File Inclusion...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2008/01/23 12:0 a.m.13 views

Liquid-Silver CMS 0.1 - update Local File Inclusion

Liquid-Silver CMS 0.1 - update Local File Inclusion Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/01/23 12:0 a.m.35 views

Liquid-Silver CMS 0.1 - 'update' Local File Inclusion

Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of file exploit : /Script/update/index.php?update=/nam...

7.4AI score
Exploits0
xssed
xssed
added 2007/10/09 12:0 a.m.8 views

Unfixed XSS vulnerability at www.liquidlibrary.com

Security researcher kusomiso.com, has submitted on 10/09/2007 a cross-site-scripting XSS vulnerability affecting www.liquidlibrary.com, which at the time of submission ranked 209776 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 12/09/2007. It...

6.6AI score
Exploits0References1
securityvulns
securityvulns
added 2005/12/17 12:0 a.m.67 views

AWF (Adaptive Website Framework) vuln.

AWF Adaptive Website Framework vuln. Vuln. discovered by : r0t Date: 17 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/awf-adaptive-website-framework-vuln.html vendor:http://www.awf-cms.org affected version:2.10 and prior Product Description: AWF Adaptive Website Framework by Liqu...

0.3AI score
Exploits0
NVD
NVD
added 2003/10/20 4:0 a.m.13 views

CVE-2003-0733

Multiple cross-site scripting XSS vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via 1 a forward instruction to the Servlet container...

6.8CVSS6.5AI score0.01348EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2003/09/16 12:0 a.m.23 views

Liquid War 5.4.5/5.5.6 - HOME Environment Variable Buffer Overflow

// source: https://www.securityfocus.com/bid/8629/info Liquid War has been reported prone to a buffer overflow condition when handling HOME environment variables of excessive length. The issue presents itself, due to a lack of sufficient boundary checks performed on data contained in the HOME...

7AI score
Exploits0
CVE
CVE
added 2003/09/04 4:0 a.m.41 views

CVE-2003-0733

The CVE-2003-0733 entry describes multiple cross-site scripting (XSS) vulnerabilities affecting WebLogic products: WebLogic Integration 7.0/2.0, Liquid Data 1.1, and WebLogic Server/Express 5.1–7.0. The root cause is XSS in the WebLogic Console and related servlet handling, allowing remote attack...

6.8CVSS6.7AI score0.01348EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder