5292 matches found
Campsite 2.6.1 implementation/management/db_connect.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
pacific software url live! 1.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/746/info The URL Live! free webserver from Pacific software is susceptible to the ../ directory traversal vulnerability. By using the '../' string in a URL, an attacker can gain read access to files outside the intended w...
OpenX <= 2.6.2 'MAX_type' Parameter Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33458/info OpenX is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context ...
Campsite 2.6.1 Subscription.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
NOCC 1.0 filter_prefs.php html_filter_select Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/16793/info NOCC Webmail is prone to multiple input-validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to inject...
Campsite 2.6.1 - LocalizerLanguage.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
Grayscale BandSite CMS 1.1 signgbook_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Weekly Drawing Contest 0.0.1 Check_Vote.PHP Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22937/info Weekly Drawing Contest is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view local files on the...
Dating Gold 3.0.5 header.php int_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary...
PHP-Nuke 8.0 autohtml.php Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26807/info Dance Music is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote user to view files and execute local...
Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19462/info Tiny Web Gallery is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary...
Dating Gold 3.0.5 footer.php int_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary...
ION Script 1.4 - Remote File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6091/info A vulnerability has been discovered in ION Script. By sending a malicious HTTP request to a webserver running the vulnerable ION Script package, it is possible for a remote attacker to disclose arbitrary webserv...
PHP-Nuke DownloadsPlus Module - Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28919/info The DownloadsPlus module for PHP-Nuke is prone to a vulnerability that lets remote attackers upload and execute arbitrary code because the application fails to sanitize user-supplied input. This issue permits...
A+ PHP Scripts News Management System 0.3 Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/29912/info A+ PHP Scripts News Management System is prone to multiple input-validation vulnerabilities, including a remote file-include issue, multiple local file-include issues, and a cross-site scripting issue. An...
CNC Technology BizDB 1.0 bizdb-search.cgi Remote Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1104/info BizDB is a web databse integration product using perl CGI scripts. One of the scripts, bizdb-search.cgi, passes a variable's contents to an unchecked open call and can therefore be made to execute commands at th...
eNpaper1 Root_Header.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18649/info eNpaper1 is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file...
PHP 5.2.5 'mbstring.func_overload' Webserver Denial Of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33542/info PHP is prone to a denial-of-service vulnerability because it fails to limit global scope for certain settings relating to Unicode text operations. Attackers can exploit this issue to crash the affected webserve...
Dating Gold 3.0.5 secure.admin.php int_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/24910/info AzDG Dating Gold is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute an arbitrary...
Mantis 0.15.x/0.16/0.17.x JPGraph Remote File Include Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5504/info Mantis depends on include files to provide some functionality, such as dynamic generation of graphs. However, since Mantis does not properly validate the path to the include file, it is possible for attackers to...