chromium-browser: Incorrect handling of plaintext files via file://

Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page...

Web Service Deluxe News Manager 1.0.1 Deluxe Footer.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23499/info News Manager Deluxe is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...

Sahana Agasti Multiple Input Validation Vulnerabilities

Sahana Agasti is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

OrangeHRM <= 2.6.1 'uri' Parameter LFI Vulnerability

OrangeHRM is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

OpenBiblio 0.x - &#039;theme_preview.php?themeName&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting, HTML-injection, and local file-include vulnerabilities...

Pyrophobia 2.1.3.1 - Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/22667/info Pyrophobia is prone to multiple input-validation vulnerabilities, including multiple local file-include issues and multiple cross-site scripting issues. An attacker can exploit these issues to steal cookie-based authentication credentials, view...