3750 matches found
Magic Uploader Mini Upload Vulnerability
Exploit for php platform in category web applications ======================================== Magic Uploader Mini Upload Vulnerability ======================================== ======================================================================================== | Title : Magic Uploader Mini...
PT-2010-3056 · Xt:Commerce · Xt:Commerce
Name of the Vulnerable Software and Affected Versions: xt:Commerce affected versions not specified Description: The issue allows remote attackers to execute arbitrary SQL commands via the coID parameter in the Direct URL module, specifically in the bluegate seo.inc.php file, when magic quotes gpc...
Directory traversal
Directory traversal vulnerability in the Magic Updater comjoomlaupdater component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php...
CVE-2010-1307
Nuclei templates confirm a Local File Inclusion in Joomla! via the Magic Updater (com_joomlaupdater). The vulnerability arises from a directory traversal in the index.php controller parameter, allowing remote attackers to read arbitrary files. Affected component: Joomla! Magic Updater (com_joomla...
CVE-2010-1307
Directory traversal vulnerability in the Magic Updater comjoomlaupdater component for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, and possibly earlier, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the 1 DefineRootToTool parameter to counter.php, 2 PathToRoot parameter to...
CVE-2010-1268
Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files directory traversal sequences in the p parameter. NOTE: some of these details are obtained from third party information...
Joomla Magic Updater Local File Inclusion
================================================================================================ Title : Joomla Magic Updater comjoomlaupdater LFI Vulnerability Date : Monday, 05 April 2010 Indonesia Author : Vrs-hCk Contact : anderatantisecurity.org Blog : http://c0li.blogspot.com/...
Joomla! Component Magic Updater - Local File Inclusion
================================================================================================ Title : Joomla Magic Updater comjoomlaupdater LFI Vulnerability Date : Monday, 05 April 2010 Indonesia Author : Vrs-hCk Contact : anderatantisecurity.org Blog : http://c0li.blogspot.com/...
Joomla Magic Updater com_joomlaupdater LFI Vulnerability
Exploit for php platform in category web applications ======================================================== Joomla Magic Updater comjoomlaupdater LFI Vulnerability ========================================================...
CVE-2010-1217
Directory traversal vulnerability in the JE Form Creator comjeformcr component for Joomla!, when magicquotesgpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE: the original researcher states that the affected...
CVE-2010-1055
Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magicquotesgpc is disabled and registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the configforuminstalled parameter to 1 forum/adminLogin.php and 2 forum/userLogin.php...
CVE-2010-1063
Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the LANGCODE parameter to 1 codelib/cfg/common.inc.php, 2...
As Many as 3,000 Vodafone Memory Cards Infected by Malware
The malware that was found on a pair of Vodafone memory cards installed in HTC Magic handsets recently has in fact affected an entire batch of 3,000 memory cards, the company said. Vodafone Spain said that the company’s investigation into the incident found that a much larger number of cards was...
Sql injection
SQL injection vulnerability in tt/index.php in TT Web Site Manager 0.5, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the ttname parameter. NOTE: some of these details are obtained from third party information...
CVE-2009-4722
SQL injection vulnerability in the CheckLogin function in includes/functions.php in Limny 1.01, when magicquotesgpc is disabled, allows remote attackers to execute arbitrary SQL commands via the username parameter...
Directory traversal
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to 1 colorvoid/footer.php, 2 default-green/footer.php, 3...
CVE-2010-0967
Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magicquotesgpc is disabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the style parameter to 1 colorvoid/footer.php, 2 default-green/footer.php, 3...
CVE-2010-0958
CVE-2010-0958 describes a directory traversal vulnerability in Tribisur (versions 2.1, 2.0 and earlier) affecting the file modules/hayoo/index.php when magic_quotes_gpc is disabled. Attackers could use directory traversal sequences in the theme parameter to include and execute arbitrary files. Th...
Vodafone-Distributed Handset Found Pre-installed With Mariposa Bot
Security researchers have found the Mariposa bot client pre-installed on a mobile phone handset distributed in Europe, and say that the malware looks to have been installed on the phone’s memory card. The phone, the HTC Magic, runs the Google Android mobile operating system, and is a low-priced...