5286 matches found
webEdition CMS HTML Injection and Local File Include Vulnerabilities
webEdition CMS is prone to multiple HTML-injection vulnerabilities and a local file-include vulnerability. Exploiting these issues could allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site, steal cookie-based authentication...
webEdition CMS 6.1.0.2 - DOCUMENT_ROOT Local File Inclusion
webEdition CMS 6.1.0.2 - DOCUMENT_ROOT Local File Inclusion source: https://www.securityfocus.com/bid/47065/info webEdition CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute...
webEdition CMS 6.1.0.2 - 'DOCUMENT_ROOT' Local File Inclusion
source: https://www.securityfocus.com/bid/47065/info webEdition CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver proces...
CVE-2011-0751
Directory traversal vulnerability in nhttpd aka Nostromo webserver before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f encoded dot dot slash in a URI...
Directory traversal
Directory traversal vulnerability in nhttpd aka Nostromo webserver before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f encoded dot dot slash in a URI...
CVE-2011-0751
Nostromo nhttpd (Nazgul Nostromo) versions up to 1.9.3 are vulnerable to CVE-2011-0751 due to improper validation of user-supplied paths, allowing directory traversal via encoded dot dot slash ("..%2f") in URIs and resulting in arbitrary file read or remote command execution. The issue affects th...
[DCA-2011-0006] Hiawatha 7.4 - Denial-of-Service
Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January 2002. Before that time, I had used several...
Hiawatha WebServer 7.4 Denial of Service Vulnerability
Exploit for multiple platform in category dos / poc Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January...
Quick Poll Local File Include and Arbitrary File Deletion Vulnerabilities
Quick Poll is prone to a local file-include vulnerability and an arbitrary-file-deletion vulnerability because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit a local file-include vulnerability to obtain potentially sensitive information and execute...
Hiawatha WebServer 7.4 Denial Of Service
Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I started Hiawatha in January 2002. Before that time, I had used several...
Hiawatha WebServer 7.4 - Denial of Service
Hiawatha WebServer 7.4 - Denial of Service Source: http://packetstormsecurity.org/files/view/99021/DCA-2011-0006.txt Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source...
Hiawatha WebServer 7.4 - Denial of Service
Source: http://packetstormsecurity.org/files/view/99021/DCA-2011-0006.txt Discussion - DcLabs Security Research Group advises about the following vulnerabilities: Software - Hiawatha WebServer 7.4 Vendor Product Description - Hiawatha is an open source webserver with a focus on security. I start...
InterPhoto Image Gallery 2.4.2 - IPLANG Local File Inclusion
InterPhoto Image Gallery 2.4.2 - IPLANG Local File Inclusion source: https://www.securityfocus.com/bid/46759/info InterPhoto Image Gallery is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain...
InterPhoto Image Gallery 2.4.2 - 'IPLANG' Local File Inclusion
source: https://www.securityfocus.com/bid/46759/info InterPhoto Image Gallery is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary...
Galilery 'index.php' Local File Include Vulnerability
Galilery is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
WordPress Uploadify Plugin 1.0 Remote File Upload
GotGeek Labs http://www.gotgeek.com.br/ WordPress Uploadify Plugin 1.0 Remote File Upload + Description Adds a shortcode to embed the necessary elements to use Uploadify in a page or post which will give your website visitors the ability to upload large files. By default the files will be uploade...
mySeatXT 0.164 - lang Local File Inclusion
mySeatXT 0.164 - lang Local File Inclusion source: https://www.securityfocus.com/bid/46507/info mySeatXT is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information...
mySeatXT 0.164 - 'lang' Local File Inclusion
source: https://www.securityfocus.com/bid/46507/info mySeatXT is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in...
webERP 4.0.1 - InputSerialItemsFile.php Arbitrary File Upload
webERP 4.0.1 - InputSerialItemsFile.php Arbitrary File Upload source: https://www.securityfocus.com/bid/46341/info webERP is prone to an arbitrary-file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload...