CMScout IBrowser TinyMCE Plugin 2.3.4.3 - Local File Inclusion
source: https://www.securityfocus.com/bid/43260/info CMScout is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversa...
ChillyCMS 2.3.4.3 - Arbitrary File Upload
source: https://www.securityfocus.com/bid/43263/info chillyCMS is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this...
Pecio CMS 'template' Multiple Remote File Include Vulnerabilities
This host is running Pecio CMS and is prone to multiple remote file inclusion vulnerabilities. OpenVAS Vulnerability Test $Id: gbpeciocmsmultrfivuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Pecio CMS 'template' Multiple Remote File Include Vulnerabilities Authors: Madhuri D Copyright: Copyright c...
Pecio CMS <= 2.0.5 Multiple RFI Vulnerabilities
Pecio CMS is prone to multiple remote file inclusion (RFI) vulnerabilities. Copyright (C) 2010 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...
Weborf HTTP 'modURL()' Function Directory Traversal Vulnerability
Weborf is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks. Weborf...
Weborf Directory Traversal Vulnerability (Sep 2010)
Weborf is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Copyright (C) 2010 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders...
HeffnerCMS 1.22 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/43006/info HeffnerCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts i...
HeffnerCMS 1.22 - index.php Local File Inclusion
source: https://www.securityfocus.com/bid/43006/info HeffnerCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...
SyndeoCMS Local File Include, Cross Site Scripting, and HTML Injection Vulnerabilities
SyndeoCMS is prone to a local file-include, a cross-site scripting, and an HTML-injection vulnerability because the application fails to properly sanitize user-supplied input. Exploiting the local file-include issue allows remote attackers to view or execute local files within the context of the...
TBDev 2.0 - Remote File Inclusion / SQL Injection
source: https://www.securityfocus.com/bid/43004/info TBDev is prone to multiple input-validation vulnerabilities, including a remote file-include issue and an SQL-injection issue. A successful exploit may allow an attacker to execute malicious code within the context of the webserver process,...
TBDev 2.0 - Remote File Inclusion SQL Injection
source: https://www.securityfocus.com/bid/43004/info TBDev is prone to multiple input-validation vulnerabilities, including a remote file-include issue and an SQL-injection issue. A successful exploit may allow an attacker to execute malicious code...
TCMS - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/42766/info TCMS is prone to multiple input-validation vulnerabilities, including a local file-include vulnerability, a local file-disclosure vulnerability, multiple SQL-injection vulnerabilities, and multiple cross-site scripting vulnerabilities. An...
CMS Made Simple 'modules/Printing/output.php' Local File Include Vulnerability
This host is running CMS Made Simple and is prone to a local file inclusion vulnerability. OpenVAS Vulnerability Test $Id: secpodcmsmadesimplelfivuln.nasl 5394 2017-02-22 09:22:42Z teissa $ CMS Made Simple 'modules/Printing/output.php' Local File Include Vulnerability Authors: Sooraj KS Copyright:...
CMS Source - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/42437/info CMS Source is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, SQL-injection...
Computer Associates Oneview Monitor 6.0 - doSave.jsp Remote Code Execution
source: https://www.securityfocus.com/bid/42413/info Computer Associates Oneview Monitor is prone to a remote code-execution vulnerability because the application fails to sufficiently sanitize user-supplied input...
Apache-Mod-JK
Stack-based buffer overflow in the map_uri_to_worker function (native/common/jk_uri_worker_map.c) in mod_jk.so for Apache Tomcat JK Web Server Connector 1.2.19 and 1.2.20, as used in Tomcat 4.1.34 and 5.5.20, allows remote attackers to execute arbitrary code via a long URL that triggers the overflow in a...
Computer Associates Oneview Monitor 6.0 - 'doSave.jsp' Remote Code Execution
source: https://www.securityfocus.com/bid/42413/info Computer Associates Oneview Monitor is prone to a remote code-execution vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to inject and execute arbitrary JSP...
Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption (MS10-051)
Exploit for Windows platform in category dos / poc. Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption (MS10-051) Sources:...
D-Link WBR-2310 1.0.4 - 'GET' Remote Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/42153/info D-Link WBR-2310 is prone to a remote buffer-overflow vulnerability because it fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. This issue occurs in the device's webserver. Exploiting this...
Whizzy CMS 'whizzycms1001.php' Local File Include Vulnerability
Whizzy CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allo...