PHP 3.0/4.0 Error Logging Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The vulnerability...

RCBlog 1.0.3 Index.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16342/info RCBlog is prone to a directory-traversal vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitra...

I-RATER Platinum Config_settings.TPL.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17731/info I-RATER Platinum is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...

Jetbox CMS 2.1 Search_function.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19722/info Jetbox CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

FAR-PHP 1.0 'index.php' Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30781/info FAR-PHP is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local files...

DotBr 0.1 System.PHP3 Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell comman...

Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19593/info The Mambo Rssxt component for Joomla and Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an...

TurnkeyWebTools PHP Simple Shop 2.0 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19382/info PHP Simple Shop is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to execute arbitrary malicious PHP code in the context of the webserver process. This may facilitat...

Zorum 3.5 DBProperty.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20606/info Zorum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script cod...

Campsite 2.6.1 ArticlePublish.php g_documentRoot Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/23874/info Campsite is prone to multiple remote file-include vulnerabilities. Exploiting this issue allows remote attackers to execute code in the context of the webserver. This issue affects Campsite 2.6.1. Earlier...

EyeOS 0.8.x Session Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16537/info The eyeOS system is prone to a remote command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied data. An attacker can exploit this issue to execute...

cgiCentral WebStore 400 Arbitrary Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2861/info cgiCentral's Webstore is an shopping cart application which processes and manages online purchases. Wsmail.cgi calls system with user-supplied data in the command string. Because it does not filter metacharacter...

SMBlog 1.2 Arbitrary PHP Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16905/info SMBlog is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitra...

Internet Explorer 4.0/5.0/5.5 preview/5.0.1 - DocumentComplete() Cross Frame Access Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/1224/info The DocumentComplete function in IE does not properly validate origin domains. Therefore it is possible for a remote webserver to gain read access to local files on the machine of any website visitor or email...

ezContents 'minicalendar.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30373/info ezContents CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of th...

Insanely Simple Blog 0.4/0.5 index.php current_subsection Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/24934/info Insanely Simple Blog is prone to multiple input-validation vulnerabilities, including cross-site scripting, HTML-injection, and SQL-injection issues, because the application fails to properly sanitize...

Foing 0.x Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18392/info Foing is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remo...

Mambo/Joomla Com_comprofiler 1.0 Plugin.class.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19725/info The Mambo and Joomla comcomprofiler component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary...

Joomla/Mambo Mod_Forum Component PHPBB_Root.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/24591/info The 'modforum' component for Joomla and Mambo is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to includ...

Bookmark4U 2.0 inc/common.php env[include_prefix] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/18281/info Bookmark4U is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...