5286 matches found
FestOS 2.3c - 'upload.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/47751/info FestOS is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary code and run it in the context of the webserver process...
Getsimple CMS 3.0 - set Local File Inclusion
Getsimple CMS 3.0 - set Local File Inclusion source: https://www.securityfocus.com/bid/47767/info GetSimple is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...
Getsimple CMS 3.0 - 'set' Local File Inclusion
source: https://www.securityfocus.com/bid/47767/info GetSimple is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in...
BMC Dashboards 7.6.01 - Cross-Site Scripting Information Disclosure
BMC Dashboards 7.6.01 - Cross-Site Scripting Information Disclosure source: https://www.securityfocus.com/bid/47731/info BMC Dashboards is prone to multiple information-disclosure and cross-site scripting issues because the application fails to properly sanitize user-supplied input. A remote...
vtiger CRM 'sortfieldsjson.php' Local File Include Vulnerability
vtiger CRM is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow t...
Vtiger CRM <= 5.2.1 LFI Vulnerability - Active Check
Vtiger CRM is prone to a local file include (LFI) vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability
This vulnerability allows remote attackers to inject arbitrary SQL into the backend database on vulnerable installations of Cisco Unified CM. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Call Manager component. The system exposes an Apache...
ClanSphere 2011.0 - Local File Inclusion Arbitrary File Upload
ClanSphere 2011.0 - Local File Inclusion Arbitrary File Upload source: https://www.securityfocus.com/bid/47636/info ClanSphere is prone to a local file-include vulnerability and multiple arbitrary-file-upload vulnerabilities. An attacker can exploit these issues to upload arbitrary files onto the...
ClanSphere 2011.0 - Local File Inclusion / Arbitrary File Upload
source: https://www.securityfocus.com/bid/47636/info ClanSphere is prone to a local file-include vulnerability and multiple arbitrary-file-upload vulnerabilities. An attacker can exploit these issues to upload arbitrary files onto the webserver, execute arbitrary local files within the context of...
Nuke Evolution Xtreme 2.0 - Local File Inclusion / SQL Injection
source: https://www.securityfocus.com/bid/47552/info Nuke Evolution Xtreme is prone to a local file-include vulnerability and an SQL-injection vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...
SyCtel Design - menu Multiple Local File Inclusions
SyCtel Design - menu Multiple Local File Inclusions source: https://www.securityfocus.com/bid/47526/info SyCtel Design is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain...
SyCtel Design - 'menu' Multiple Local File Inclusions
source: https://www.securityfocus.com/bid/47526/info SyCtel Design is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and execute arbitrary loc...
XOOPS 2.5 - imagemanager.php Local File Inclusion
XOOPS 2.5 - imagemanager.php Local File Inclusion source: https://www.securityfocus.com/bid/47418/info XOOPS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view arbitrary local files within th...
Joomla! Component com_phocadownload - Local File Inclusion
Joomla! Component com_phocadownload - Local File Inclusion source: https://www.securityfocus.com/bid/47399/info The 'com_phocadownload' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this...
XOOPS 2.5 - 'imagemanager.php' Local File Inclusion
source: https://www.securityfocus.com/bid/47418/info XOOPS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view arbitrary local files within the context of the webserver process. Successfully...
Joomla! Component com_phocadownload - Local File Inclusion
source: https://www.securityfocus.com/bid/47399/info The 'com_phocadownload' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and...
4Images 1.7.9 - Multiple Remote File Inclusions SQL Injections
4Images 1.7.9 - Multiple Remote File Inclusions SQL Injections source: https://www.securityfocus.com/bid/47394/info 4images is prone to multiple remote file-include vulnerabilities and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploi...
ChillyCMS 1.2.1 - Multiple Remote File Inclusions
ChillyCMS 1.2.1 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/47395/info chillyCMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker...
4Images 1.7.9 - Multiple Remote File Inclusions / SQL Injections
source: https://www.securityfocus.com/bid/47394/info 4images is prone to multiple remote file-include vulnerabilities and an SQL-injection vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to execute arbitrary server-side script...
PhoenixCMS 1.7 - Local File Inclusion / SQL Injection
source: https://www.securityfocus.com/bid/47389/info PhoenixCMS is prone to a local file-include vulnerability and an SQL-injection vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files within the...