5291 matches found
GWExtranet Multiple Directory Traversal Vulnerabilities
source: http://www.securityfocus.com/bid/26525/info GWExtranet is prone to multiple directory-traversal vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the...
TotalCalendar 0 about.php inc_dir Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/17618/info TotalCalendar is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to...
Fastream NetFile 6.0.3 .588 Error Message Cross-Site Scripting Vulnerability
source: http://www.securityfocus.com/bid/8908/info It has been reported that a cross-site scripting vulnerability may exist in NetFile that may allow remote attackers to execute HTML or script code in a user's browser. The issue is reported to occur due to a 404...
Tiki Wiki CMS Groupware 5.2 - Multiple Vulnerabilities
Source: http://www.securityfocus.com/bid/43507/info Tiki Wiki CMS Groupware is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local...
OpenInferno OI.Blogs 1.0 Multiple Local File Include Vulnerabilities
source: http://www.securityfocus.com/bid/38402/info OpenInferno OI.Blogs is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially...
PHPX 3.5.15/3.5.16 news.php Multiple Parameter SQL Injection
source: http://www.securityfocus.com/bid/23033/info PHPX is prone to multiple input-validation vulnerabilities because the application fails to properly sanitize user-supplied input. Exploiting these issues could allow an attacker to steal cookie-based...
Dotproject 2.0 /modules/public/date_format.php baseDir Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
SiteBar <= 3.3.8 index.php target Parameter XSS
source: http://www.securityfocus.com/bid/26126/info SiteBar is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability - Multiple...
Campsite 2.6.1 ArticleComment.php g_documentRoot Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...
Free Online Dictionary of Computing 1.0 - Remote File Viewing Vulnerability
source: http://www.securityfocus.com/bid/2484/info A vulnerability exists in a CGI script called The Free Online Dictionary of Computing. Due to a failure to properly validate user-supplied input, a remote attacker can compose and submit requests for files...
EternalMart Mailing List Manager 1.32 Remote File Include Vulnerabilities
source: http://www.securityfocus.com/bid/8767/info EternalMart Mailing List Manager and Guestbook are prone to remote file-include vulnerabilities. Remote attackers may cause malicious PHP code to run on the webserver...
ISPConfig 2.2.2/2.2.3 Session.INC.PHP Remote File Include Vulnerability
source: http://www.securityfocus.com/bid/17909/info ISPConfig is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...
GenesisTrader 1.0 form.php Arbitrary File Source Disclosure
source: http://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple information-disclosure...
Back-End CMS 0.4.5 Facts.php includes_path Parameter Remote File Inclusion
source: http://www.securityfocus.com/bid/20207/info Back-End CMS is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to execute arbitrary...
PY Software Active Webcam Webserver 4.3/5.5 - Multiple Vulnerabilities
source: http://www.securityfocus.com/bid/12778/info Active Webcam webserver is reported prone to multiple vulnerabilities. The following individual issues are reported: The first issue, a denial of service is reported to manifest when a request is received for a...
PhpGKit 0.9 - 'connexion.php' Remote File Include Vulnerability
source: http://www.securityfocus.com/bid/28526/info PhpGKit is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute malicious PHP code in the context of the webserve...
Alt-N WorldClient Pro 2.0 .0.0/2.0.1 .0/Standard 2.0 .0.0 Long URL DoS Vulnerability
source: http://www.securityfocus.com/bid/823/info Alt-N's WorldClient is an email webserver that allows its users to retrieve email via HTTP. It is susceptible to denial of service attacks due to an unchecked buffer in the request handler. Supplying a long url...
Beck IPC GmbH IPC@CHIP TelnetD Login Account Brute Force Vulnerability
source: http://www.securityfocus.com/bid/2771/info The IPC@Chip is a single-chip embedded webserver from Beck GmbH. The device's inbuilt telnetd service may allow a remote user to repeatedly attempt to login to a given account, without logging or responding to...
PHPNuke 4.x/5.x Remote Arbitrary File Include Vulnerability
source: http://www.securityfocus.com/bid/3889/info PHPNuke is a website creation/maintenance tool. The 'index.php' script has a feature which allows users to include files. Due to insufficient input validation, it is possible to include files located on a remote...
SiteInteractive Subscribe Me Setup.PL Arbitrary Command Execution Vulnerability
source: http://www.securityfocus.com/bid/9253/info It has been reported that the SiteInteractive Subscribe Me setup.pl script lacks sufficient sanitization on user-supplied URI parameters; an attacker may invoke this script remotely and by passing sufficient...