Web Service Deluxe News Manager 1.0.1 Deluxe Footer.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23499/info News Manager Deluxe is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...

Zabbix Authenticated Remote Command Execution

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit4 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient def...

PHProg 1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19942/info PHProg is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include a cross-site scripting vulnerability and a local file-include...

eCardMAX HotEditor 4.0 Keyboard.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23377/info eCardMAX HotEditor is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...

Adobe IndesignServer 5.5 SOAP Server Arbitrary Script Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

Pre Classified Listings 1.0 'signup.asp' Cross Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/32567/info Pre Classified Listings is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary script code in the...

Active Calendar 1.2 ShowCode.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22704/info Active Calendar is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local...

QuadComm Q-Shop 2.5 Failure To Validate Credentials Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8153/info Zone-H has reported that the Q-Shop ASP shopping cart software contains a vulnerability that may allow remote attackers to upload arbitrary files. Once uploaded, the attacker may be able to have the script...

Forum 5 PM.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18967/info Forum 5 is prone to a local file-include vulnerability. The application fails to sanitize user input when executing the script. In particular the script fails to check for the presence of a directory-traversal...

Topic Calendar 1.0.1 Calendar_Scheduler.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12893/info Topic Calendar is reportedly affected by a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to...

Invision Power Services Invision Board 2.1 admin.php Multiple Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/15344/info Invision Power Board is prone to multiple cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issu...

PhPepperShop 1.4 index.php URL XSS

No description provided by source. source: http://www.securityfocus.com/bid/32690/info PhPepperShop is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

Cruiseworks 1.09 Cws.exe Doc Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20699/info Cruiseworks is prone to a remote buffer-overflow vulnerability. Specifically, the application fails to validate input passed to the 'doc' parameter of the '/scripts/cruise/cms.exe' application. Cruiseworks 1.09...

Cerberus Helpdesk 2.7 Clients.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16439/info Cerberus Helpdesk is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have...

PHPBB2 Page_Header.PHP SQL Injection Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6888/info A SQL injection vulnerability has been reported in phpBB2. phpBB2, in some cases, does not sufficiently sanitize user-supplied input which is used when constructing SQL queries. As a result, attackers may supply...

translucid 1.75 Multiple Vulnerabilities

No description provided by source. transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75 newest Info: transLucidonline is the easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing li...

All Enthusiast PhotoPost PHP Pro 5.0 adm-photo.php Arbitrary Image Manipulation

No description provided by source. source: http://www.securityfocus.com/bid/12779/info PhotoPost PHP Pro is a web-based image gallery application written in PHP. It can be implemented on any platform that supports PHP script execution. Multiple remote vulnerabilities affect All Enthusiast PhotoPo...

Microsoft Outlook Express 6 XML File Attachment Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5350/info An error has been reported in Microsoft Outlook Express which may allow malicious XML file attachments to execute arbitrary code in the context of the local system. Code execution could occur when the file...

ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability

No description provided by source. GotGeek Labs http://www.gotgeek.com.br/ ZO Tech Multiple Print Servers Cross-site Scripting Vulnerability + Description 1 PA101 Fast Parallel Port Print Server 2 PU201 Fast USB Print Server 3 PA301 Parallel Port Print Server 4 PS531 USB & Parallel Print Server +...

PostBoard 2.0 Topic Title Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/4561/info PostBoard is a freely available, open source message board module for the PostNuke content management system. It is designed for use on the Unix and Linux operating systems. PostBoard does not adequately sanitiz...