5286 matches found
Smarty Template Engine 2.6.9 - $smarty.template PHP Code Injection
Smarty Template Engine 2.6.9 - $smarty.template PHP Code Injection source: https://www.securityfocus.com/bid/46366/info Smarty Template Engine is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the...
Smarty Template Engine 2.6.9 - '$smarty.template' PHP Code Injection
source: https://www.securityfocus.com/bid/46366/info Smarty Template Engine is prone to a remote PHP code-injection vulnerability. An attacker can exploit this issue to inject and execute arbitrary PHP code in the context of the webserver process. This may facilitate a compromise of the applicati...
Dokeos Multiple Remote File Disclosure Vulnerabilities
Dokeos and Chamilo are prone to multiple file-disclosure vulnerabilities because they fail to properly sanitize user- supplied input. An attacker can exploit these vulnerabilities to view local files in the context of the webserver process. This may aid in further attacks. Dokeos versions 1.8.6.1...
Chamilo 1.8.7 / Dokeos 1.8.6 - Remote File Disclosure
Title: Chamilo 1.8.7 / Dokeos 1.8.6 Remote File Disclosure Date: 2011/01/31 Author: beford Software Link: http://www.dokeos.com/download/dokeos-1.8.6.1.zip http://chamilo.googlecode.com/files/chamilo-1.8.7.1-stable.tar.gz Affected products ================= Dokeos 1.8.6.1 / 2.0 Chamilo 1.8.7.1...
Podcast Generator Local File Include and Cross Site Scripting Vulnerabilities
Podcast Generator is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files withi...
Betsy 'page' Parameter Local File Include Vulnerability
Betsy is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the...
Raja Natarajan Guestbook 'lang' Parameter Local File Include Vulnerability
The Raja Natarajan Guestbook is prone to a local file-include vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver...
TinyWebGallery Cross Site Scripting and Local File Include Vulnerabilities
TinyWebGallery is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user- supplied input. A remote attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in...
Betsy 4.0 - page Local File Inclusion
Betsy 4.0 - page Local File Inclusion source: https://www.securityfocus.com/bid/46124/info Betsy is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to...
Betsy 4.0 - 'page' Local File Inclusion
source: https://www.securityfocus.com/bid/46124/info Betsy is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the...
Joomla! Component com_frontenduseraccess - Local File Inclusion
source: https://www.securityfocus.com/bid/46081/info The 'comfrontenduseraccess' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information a...
TinyWebGallery 1.8.3 - Cross-Site Scripting / Local File Inclusion
source: https://www.securityfocus.com/bid/46086/info TinyWebGallery is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. A remote attacker may leverage the cross-site scripting issue to execute arbitrary...
TinyWebGallery 1.8.3 - Cross-Site Scripting Local File Inclusion
TinyWebGallery 1.8.3 - Cross-Site Scripting Local File Inclusion source: https://www.securityfocus.com/bid/46086/info TinyWebGallery is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. A remote attacker ma...
MultiCMS 'lng' Parameter Local File Include Vulnerability
MultiCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
WordPress Plugin Recip.ly 1.1.7 - uploadImage.php Arbitrary File Upload
WordPress Plugin Recip.ly 1.1.7 - uploadImage.php Arbitrary File Upload source: https://www.securityfocus.com/bid/46002/info WordPress Recip.ly is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-suppli...
Apache HTTPD mod_negotiation Scanner
This module scans the webserver of the given hosts for the existence of modnegotiate. If the webserver has modnegotiation enabled, the IP address will be displayed. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework clas...
Sahana Agasti Multiple Input Validation Vulnerabilities
Sahana Agasti is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver proces...
LotusCMS 'index.php' Local File Include Vulnerability
LotusCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow...
Ax Developer CMS <= 0.1.1 LFI Vulnerability - Active Check
Ax Developer CMS is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Hewlett-Packard OpenView Network Node Manager nnmRptConfig.exe schd_select1 Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the nnmRptConfig.exe module exposed by the webserver that listens by default o...