5292 matches found
Computer Software Manufaktur Alibaba 2.0 - Multiple CGI Vulnerabilties
No description provided by source. source: http://www.securityfocus.com/bid/770/info There are several CGI programs that ship with the Alibaba webserver. Many of these do not do proper input handling, and therefore will allow requests for access to files outside of normal or safe webserver...
Insanely Simple Blog 0.4/0.5 Blog Anonymous Blog Entry XSS
No description provided by source. source: http://www.securityfocus.com/bid/24934/info Insanely Simple Blog is prone to multiple input-validation vulnerabilities, including cross-site scripting, HTML-injection, and SQL-injection issues, because the application fails to properly sanitize...
FreeQBoard 1.0/1.1 QB_Path Parameter Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/21394/info FreeQboard is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute arbitrary...
SiteScape Forum 'dispatch.cgi' Tcl Command Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26963/info SiteScape Forum is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in the context of the...
Grayscale BandSite CMS 1.1 pastshows_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Jaw Portal 1.2 - 'index.php' Multiple Local File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/31099/info Jaw Portal is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to...
Pixaria PopPhoto 3.5.4 CFG[popphoto_base_path] Parameter Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17970/info Pixaria PopPhoto is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...
CommunityPortals 1.0 Bug.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/20466/info CommunityPortals is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PHP code execute in the...
Dune 0.6.7 HTTP Get Remote Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7945/info It has been reported that Dune is vulnerable to a remote boundary condition error when handling long requests. This could allow a remote attacker to execute arbitrary code on a vulnerable system. / dune0.6.7+-:...
Campsite 2.6.1 UserType.php g_documentRoot Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
phpix 1.0 - Directory Traversal vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1773/info PHPix is a web-based photo-album system written in PHP. It is vulnerable to an attack that allows a malicious remote user to view arbitrary files on the target webserver with the privileges of the webserver. The...
PHPBB 1.2.4 For Mambo Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18914/info phpBB for Mambo is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...
Dokeos <= 1.8.4 whoisonline.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...
PHPBB Advanced Quick Reply Hack 1.0/1.1 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6173/info The phpBB Advanced Quick Reply Hack is prone to an issue which may allow attackers to include arbitrary files from a remote server. It is possible for remote attackers to influence the include path for...
AlstraSoft Video Share Enterprise 4.x Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/25019/info AlstraSoft Video Share Enterprise is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting vulnerabilities and multiple SQL-injection vulnerabilities...
Dokeos <= 1.8.4 main/calendar/myagenda.php courseCode Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...
1C: Arcadia Internet Store 1.0 Arbitrary File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2902/info 1C: Arcadia Internet Store is a online shopping utility for Microsoft Windows NT/2000 that is fully integratable with 1C: Enterprise, another popular Russian web-commerce utility. One of the components of this...
Freeway 1.4.1.171 - french/account_newsletters.php language Parameter Traversal Local File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/30731/info Freeway is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view...
Dokeos <= 1.8.4 main/admin/session_list.php cmessage Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/27792/info Dokeos is prone to multiple input-validation vulnerabilities including five SQL-injection issues, one HTML-injection issue, three cross-site scripting issues, and one arbitrary-file-upload issue. Attackers can...
AlstraSoft Affiliate Network Pro 8.0 merchants/temp.php rowid Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/25026/info AlstraSoft Affiliate Network Pro is affected by multiple input-validation vulnerabilities. These issues include multiple cross-site scripting isues and SQL-injection issues. A successful exploit could allow an...