5292 matches found
Pyrophobia 2.1.3.1 admin/index.php Multiple Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/22667/info Pyrophobia is prone to multiple input-validation vulnerabilities, including multiple local file-include issues and multiple cross-site scripting issues. An attacker can exploit these issues to steal cookie-base...
KC Wiki 1.0 - minimal/wiki.php page Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28074/info KC Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...
PHP-Charts 1.0 - PHP Code Execution Vulnerability
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
KC Wiki 1.0 - simplest/wiki.php page Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/28074/info KC Wiki is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...
CedStat 1.31 index.php hier Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22588/info CedStat is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary PHP code in the context of the...
phpBB 2.0.x Viewtopic.PHP PHP Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10701/info The 'viewtopic.php' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to construct dynamicall...
Plantilla list_main_pages.php nfolder Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/22669/info Simple Plantilla PHP is prone to multiple input-validation issues, including a local file-include vulnerability and an arbitrary file-upload vulnerability. Attackers can exploit the local file-include...
PHPSavant Savant2 stylesheet.php mosConfig_absolute_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19151/info Savant2 is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...
Multiple Web Wiz Products Remote Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27419/info Web Wiz Forums, NewsPad, and Rich Text Editor are prone to a remote information-disclosure vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit this issue to retriev...
HTMLEditBox 2.2 Config.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/23664/info htmlEditbox is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this vulnerability to execute malicious PHP code in the context ...
LoveCMS 1.4 install/index.php step Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/22675/info LoveCMS is prone to multiple input-validation vulnerabilities, including an arbitrary-file-upload issue, a remote file-include issue, a local file-include issue, and a cross-site scripting issue. An attacker ca...
MinaliC Webserver 1.0 - Denial of Service Vulnerability
No description provided by source. ------------------------------------------------------------------------ Software................MinaliC Webserver 1.0 Vulnerability...........Denial Of Service Download................http://sourceforge.net/projects/minalic/ Release Date............10/24/2010...
LoveCMS 1.4 index.php id Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22675/info LoveCMS is prone to multiple input-validation vulnerabilities, including an arbitrary-file-upload issue, a remote file-include issue, a local file-include issue, and a cross-site scripting issue. An attacker ca...
CoDeSys SCADA 2.3 - Remote Exploit
No description provided by source. / See Also: http://aluigi.altervista.org/adv/codesys1-adv.txt CoDeSys v2.3 Industrial Control System Development Software Remote Buffer Overflow Exploit for CoDeSys Scada webserver Author : Celil UNUVER, SignalSEC Labs www.signalsec.com Tested on WinXP SP1 EN TH...
Lodel CMS 0.7.3 Calcul-Page.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20551/info Lodel CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script...
T. Hauck Jana Server 1.45/1.46 Hex Encoded Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2703/info It is possible for a remote user to traverse the directories of a host running Jana Server. Submitting a specially crafted URL using hex encoded 'double dot' sequences will reveal arbitrary directories. In...
Boa Webserver 0.94.x Terminal Escape Sequence in Logs Command Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37718/info Boa Webserver is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal...
Apache 1.3/2.0.x Server Side Include Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5847/info Apache is reported to be vulnerable to cross site scripting attacks. This vulnerability is due to the SSI error pages of the webserver not being properly sanitized of malicious HTML code. Attacker-supplied HTML...
Dotproject 2.0 /includes/db_connect.php baseDir Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
GuppY 2.4 - Remote File Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8769/info GuppY is prone to an issue that could allow a remote attacker to read or write to files on the vulnerable server. This issue presents itself in the tinymsg.php component of the software. The attacker could only...