free QBoard 1.1 features.php qb_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary...

MyWebland miniBloggie 1.0 Fname Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19476/info miniBloggie is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

Jakarta Tomcat 3.x/4.0 Error Message Information Disclosure Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3199/info When a malformed request is made for a Java Server Page the server displays an error page. The error page contains potentially sensitive information, along with the absolute path of the JSP file on the webserver...

SQL-Ledger 2.6.x/LedgerSMB 1.0 Terminal Parameter Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19960/info SQL-Ledger and LedgerSMB are prone to a remote directory-traversal vulnerability. An attacker can exploit this issue to include arbitrary files located on the vulnerable computer in the context of the webserver...

AzDGVote 0 Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17447/info AzDGVote is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

Plume CMS 1.0.4 search.php _PX_config[manager_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18780/info Plume CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows the attacker to execute arbitrary...

MiraksGalerie 2.62 galsecurity.lib.php listconfigfile[0] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18313/info MiraksGalerie is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...

Michael Lamont Savant WebServer 2.1 CGI Source Code Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/1313/info Omitting the HTTP version from a GET request for a CGI script to the Savant Web Server discloses the source code of the script. telnet target 80 GET /cgi-bin/script.xyz HTTP/1.0 proper script execution/output GE...

phpAutoVideo 2.21 sidebar.php loadpage Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/27346/info phpAutoVideo is prone to a cross-site scripting vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to execute...

phpAutoVideo 2.21 index.php cat Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/27346/info phpAutoVideo is prone to a cross-site scripting vulnerability and a remote file-include vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit these issues to execute...

GoAhead WebServer 2.1.x URL Encoded Slash Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5197/info A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible to launch directory traversal attacks against GoAhead WebServer. It is possible for remote attackers to access arbitrary...

Barryvan Compo Manager 0.3 - 'main.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28035/info Barryvan Compo Manager is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containin...

Calendarix 0.7 'calpath' Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/37673/info Calendarix is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

Lussumo Vanilla 1.0 RootDirectory Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19127/info Vanilla is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP...

Terracotta - 'index.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28550/info Terracotta is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local...

RadScripts a_editpage.php filename Variable Arbitrary File Overwrite

No description provided by source. source: http://www.securityfocus.com/bid/19128/info Multiple Rad Scripts products are prone to an authentication-bypass vulnerability. These issues occur because the applications fail to prevent an attacker from accessing admin scripts directly without requiring...

Progress 3.1 Webspeed _CPYFile.P Unauthorized Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23634/info Progress WebSpeed is prone to a vulnerability that lets attackers gain unauthorized access to and execute administrative scripts. An attacker may leverage this issue to create and execute malicious WebSpeed cod...

Malleo 1.2.3 'admin.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34588/info Malleo is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the conte...

Prince Clan Chess Club 0.8 Include.PCchess.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19138/info Prince Clan Chess Club for Mambo is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files...

phpMyTourney 2 - tourney/index.php Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/28057/info phpMyTourney is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing maliciou...