5292 matches found
PunBB 1.x SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/20786/info PunBB is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may exploit these issues to execute arbitrary script code in the context of...
Actionpoll 1.1.1 db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Campsite 2.6.1 ArticleData.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
Absolute News Manager .NET 5.1 pages/default.aspx template Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
aWebNews 1.1 listing.php path_to_news Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22781/info aWebNews is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the...
Actionpoll 1.1.1 db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Campsite 2.6.1 ArticleImage.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
Exhibit Engine 1.22 fetchsettings.php toroot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20793/info Exhibit Engine Software is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute...
teamshare teamtrack 3.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/689/info TeamTrack 3.00 has a built-in webserver which is meant to be used during the evaluation period, or until IIS or Netscape Enterprise/FastTrack is installed. This server does not filter out requested paths containi...
Absolute News Manager .NET 5.1 getpath.aspx Direct Request Error Message Information
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...
Campsite 2.6.1 ArticleTopic.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
MKPortal 1.2.1 /modules/blog/index.php Home Template Textarea SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/33300/info MKPortal is prone to multiple security vulnerabilities, including SQL-injection, HTML-injection, cross-site scripting, arbitrary-file-upload, and insecure-temporary-file-creation vulnerabilities. Attackers can...
HTTP 1.1 GET Request Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/39590/info The HTTP application is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files and...
CIS WebServer 3.5.13 Remote Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12662/info A vulnerability has been identified in the handling of certain types of requests by CIS WebServer. Because of this, it is possible for an attacker to gain access to potentially sensitive system files. The probl...
t. hauck jana webserver 1.0/1.45/1.46 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/699/info The Jana webserver is susceptible to directory traversal attacks using multiple dots in the URL. If the request is made in specific formats, the server will send out files outside of the intended webroot. http...
singapore 0.9.x/0.10 Multiple Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/18518/info singapore gallery is prone to directory-traversal and cross-site scripting vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit...
Campsite 2.6.1 ArticleTypeField.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
PHP Web Explorer 0.99b edit.php file Parameter Traversal Local File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/31595/info PHP Web Explorer is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal string...
Fujitsu ServerView <= 4.50.8 DBASCIIAccess Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24762/info Fujitsu ServerView is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute arbitrary commands with the...
Generation Terrorists Designs & Concepts Sojourn 2.0 File Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1052/info Any file that the webserver has read access to can be read on a server running the Sojourn search engine. The Sojourn software includes the ability to organize a website into categories. These categories can the...