BandSite CMS 1.1 - news_content.php Cross-Site Scripting

BandSite CMS 1.1 - newscontent.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to acces...

BandSite CMS 1.1 - gbook_content.php Cross-Site Scripting

BandSite CMS 1.1 - gbookcontent.php Cross-Site Scripting source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to acce...

BandSite CMS 1.1 - 'news_content.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive information, execute arbitrary server-side...

BandSite CMS 1.1 - 'signgbook_content.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive information, execute arbitrary server-side...

BandSite CMS 1.1 - 'help_merch.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive information, execute arbitrary server-side...

BandSite CMS 1.1 - 'help_news.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive information, execute arbitrary server-side...

PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusions

PHProjekt Content Management Module 0.6.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/19628/info Multiple remote file-include vulnerabilities affect the Content Management module for PHProjekt because the application fails to properly sanitize user-supplied input...

free QBoard 1.1 - about.php?qb_path Remote File Inclusion

free QBoard 1.1 - about.php?qbpath Remote File Inclusion source: https://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to...

PHP Photo Album 0.2.3/4.1 - Local File Inclusion

source: https://www.securityfocus.com/bid/15651/info phpAlbum is prone to a local file-include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the webserver process. Note that this issue ma...

GuppY 4.5 - editorTypetool.php?meskin Traversal Arbitrary File Access

GuppY 4.5 - editorTypetool.php?meskin Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15610/info GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script cod...

MySource 2.14 - 'Span.php?PEAR_PATH' Remote File Inclusion

source: https://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary...

MySource 2.14 - 'Socket.php?PEAR_PATH' Remote File Inclusion

source: https://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary...

MySource 2.14 - 'init_mysource.php?INCLUDE_PATH' Remote File Inclusion

source: https://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary...

Autolinks 2.1 Pro - 'Al_initialize.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14686/info AutoLinks Pro is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an...

SaveWebPortal 3.4 - Unauthorized Access

source: https://www.securityfocus.com/bid/14639/info SaveWebPortal is prone to an unauthorized access vulnerability. This issue is due to a failure in the application to limit access to administrative scripts. An attacker may leverage this issue to execute arbitrary server-side script code on an...

PHPMyFAQ 1.5.1 - Local File Inclusion

source: https://www.securityfocus.com/bid/14929/info PHPMyFAQ is prone to a local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code that resides o...

PHPTB Topic Board 2.0 - dev_o.php?absolutepath Remote File Inclusion

PHPTB Topic Board 2.0 - devo.php?absolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

PHPTB Topic Board 2.0 - admin_o.php?absolutepath Remote File Inclusion

PHPTB Topic Board 2.0 - admino.php?absolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

PHPTB Topic Board 2.0 - 'board_o.php?absolutepath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side script...

Spid 1.3 - 'lang_path' File Inclusion

source: https://www.securityfocus.com/bid/14208/info SPiD is a gallery management application written in PHP. SPiD is prone to a remote file include vulnerability, due to lack of validation of user input. An attacker may leverage this issue to execute arbitrary server-side script code on an...