5291 matches found
MinaliC Webserver 2.0 - Remote Source Disclosure
No description provided by source. Exploit Title : MinaliC Webserver v2.0 Remote Source Disclosure Software link : http://sourceforge.net/projects/minalic/ Version : 2.0 Tested on : Windows 7 Home Premium Date : 27/07/2011 Author : X-h4ck Website : http://www.pirate.al ,...
Accellion File Transfer Appliance web_client_user_guide.html lang Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/38176/info Accellion File Transfer Appliance is prone to multiple remote vulnerabilities, including: - Multiple privilege-escalation issues - A directory-traversal issue - An HTML-injection issue - A remote...
Blue Utopia 'index.php' Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/33851/info Blue Utopia is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the...
kolibri+ webserver 2 - Directory Traversal vulnerability
No description provided by source. Name : Kolibri+ Webserver 2 , Directory Traversal Vulnerability Author : Usman Saeed Company : Xc0re Security Reasearch Group Date : 06/09/09 Homepage : http://www.xc0re.net Download Page :...
Small Axe Weblog 0.3.1 'ffile' Parameter Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27383/info Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...
PHP Security Framework Multiple Input Validation Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/26898/info PHP Security Framework is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and remote file-include issues. A successful exploit may allow an attacker to execute...
Magic News Plus 1.0.2 news.php link_parameters Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/22661/info Magic News Pro is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. These issues include a remote file-include issue and two cross-site...
GoAhead WebServer 2.1.x Error Page Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5198/info A vulnerability has been reported for GoAhead WebServer 2.1. Reportedly, it is possible for attackers to launch cross site scripting attacks against vulnerable systems. GoAhead WebServer includes unsanitized...
Grayscale BandSite CMS 1.1 merch_content.php the_band Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/20137/info Grayscale BandSite CMS is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied input data. These issues may allow an attacker to access sensitive informatio...
Japanese PHP Gallery Hosting Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/26179/info Japanese PHP Gallery Hosting is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code a...
PHP-Nuke 'Seminars' Module - 'fileName' Parameter Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28089/info The PHP-Nuke 'Seminars' module is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized remote user to view files...
Linksys SPA941 SIP From Field HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25987/info Linksys SPA941 devices are prone to an HTML-injection vulnerability because the built-in webserver fails to properly sanitize user-supplied input before using it in dynamically generated content...
Drummond Miles A1Stats 1.0 a1disp2.cgi Traversal Arbitrary File Read
No description provided by source. source: http://www.securityfocus.com/bid/2705/info A1Stats is a CGI product by Drummon Miles used to report on a website's visitor traffic. Versions of this product fail to properly validate user-supplied input submitted as querystrings to the A1Stats script. An...
phusion webserver 1.0 - Directory Traversal vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/4117/info Phusion Webserver is a commercial HTTP server that runs on Microsoft Windows 9x/NT/2000 operating systems. Phusion Webserver is prone to directory traversal attacks. It is possible to break out of wwwroot using...
SquirrelMail G/PGP Encryption Plug-in 2.0/2.1 - Multiple Unspecified Remote Command Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/24828/info Vulnerabilities in the SquirrelMail G/PGP encryption plugin may allow malicious webmail users to execute system commands remotely. These issues occur because the application fails to sufficiently sanitize...
phpWebsite 0.8.2 PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5779/info A vulnerability has been discovered in phpWebsite which allows an attacker to remotely include a malicious PHP file. It is possible for an attacker to specify a remote location for phpWebsite to download an...
Allaire JRun 2.3 Arbitrary Code Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1831/info Jrun contains a vulnerability that allows a user to compile and execute JSP code from an arbitrary file on the webserver's filesystem. This bug is due to the way JSP execution is invoked -- if a requested...
Mapos-Scripts.de Gastebuch 1.5 Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25252/info Mapos-Scripts.de Gastebuch is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remo...
TW-WebServer 1.0 - Denial of Service Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7368/info It has been reported that TW-WebServer is prone to a denial of service vulnerability. Reportedly when an excessive quantity of data is sent to the TW-Webserver as part of a malicious HTTP GET request the server...
Absolute News Manager .NET 5.1 xlaabsolutenm.aspx rmore Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/26692/info Absolute News Manager .NET is prone to multiple remote vulnerabilities, including multiple cross-site scripting, SQL-injection, and information-disclosure issues. Attackers can exploit these issues to steal...