MonGoose 2.4 Directory Traversal
MonGoose 2.4 win webserver Directory Traversal By: e.wiZz! Site: www.balcansecurity.com Found with ServMeNot world's sexiest fuzzer :P In the wild... Info: Easy to use web server for Windows and UNIX. Mongoose provides simple and clean API for embedding it into existing programs. Targeting Web...
MonGoose 2.4 (Windows) - WebServer Directory Traversal
MonGoose 2.4 Windows - WebServer Directory Traversal MonGoose 2.4 win webserver Directory Traversal By: e.wiZz! Site: www.balcansecurity.com Found with ServMeNot world's sexiest fuzzer :P In the wild... Info: Easy to use web server for Windows and UNIX. Mongoose provides simple and clean API for...
Redaxscript 'language' Parameter Local File Include Vulnerability
Redaxscript is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. Redaxscript 0.2.0 is...
MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities
MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the...
MoziloCMS Local File Include and Cross Site Scripting Vulnerabilities
MoziloCMS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
Horde Products Local File Include and Cross Site Scripting Vulnerabilities
Horde products are prone to a local file-include vulnerability and a cross-site scripting vulnerability because they fail to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within...
webEdition CMS <= 6.0.0.4 LFI Vulnerability - Active Check
webEdition CMS is prone to a local file include (LFI) vulnerability because it fails to properly sanitize user-supplied input.
Analog: Denial of service
Background: Analog is a webserver log analyzer. Description: Diego E. Petteno reported that the Analog package in Gentoo is built with its own copy of bzip2, making it vulnerable to CVE-2008-1372 (GLSA 200804-02). Impact: A local attacker could place specially crafted log files into a log directory...
Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
Acute Control Panel is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple remote file-include issues.
Beerwin's PhpLinkAdmin <= 1.0 Multiple Vulnerabilities - Active Check
Cryptographp 'index.php' Local File Include Vulnerability
Cryptographp is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
e-Vision CMS Multiple Local File Include Vulnerabilities
e-Vision CMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view local files and execute local scripts within the context of the webserver process...
DSA-1740-1 yaws - denial of service
Bulletin has no description...
phpCommunity2 Multiple Vulnerabilities (Mar 2009) - Active Check
phpCommunity2 is prone to multiple input validation vulnerabilities, including multiple directory traversal issues and SQL-injection issues, and a cross-site scripting issue.
BlindBlog Multiple Local File Include and SQL Injection Vulnerabilities
BlindBlog is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...
OneOrZero Helpdesk 'login.php' Local File Include Vulnerability
OneOrZero Helpdesk is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. OneOrZero...
GhostScripter Amazon Shop Multiple Vulnerabilities (Mar 2009) - Active Check
Amazon Shop is prone to multiple vulnerabilities, including a cross-site scripting issue, a directory-traversal issue, and multiple remote file-include issues, because it fails to sufficiently sanitize user-supplied data.
Demium CMS Multiple Local File Include and SQL Injection Vulnerabilities
Demium CMS is prone to multiple local file-include vulnerabilities and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute arbitrary local file...
SA-CORE-2009-003 - Local file inclusion on Windows
This vulnerability exists on Windows, regardless of the type of webserver (Apache, IIS) used. The Drupal theme system takes URL arguments into account when selecting a template file to use for page rendering. While doing so, it doesn't take into account how Windows arrives at a canonicalized path...