5286 matches found
MKPortal 1.2.1 - '/modules/blog/index.php' Home Template Textarea SQL Injection
source: https://www.securityfocus.com/bid/33300/info MKPortal is prone to multiple security vulnerabilities, including SQL-injection, HTML-injection, cross-site scripting, arbitrary-file-upload, and insecure-temporary-file-creation vulnerabilities. Attackers can exploit these issues to execute...
PHP 5.2.8 - popen() Function Buffer Overflow
PHP 5.2.8 - popen Function Buffer Overflow source: https://www.securityfocus.com/bid/33216/info PHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. An attacker can exploit this issue ...
PHP 5.2.8 - 'popen()' Function Buffer Overflow
source: https://www.securityfocus.com/bid/33216/info PHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. An attacker can exploit this issue to execute arbitrary machine code in the...
Amaya Web Browser 11.0.1 (Windows Vista) - Remote Buffer Overflow
Amaya Web Browser 11.0.1 Windows Vista - Remote Buffer Overflow #!/usr/bin/perl Amaya Web Browser = 11.0.1 Remote Buffer Overflow Exploit Found/Exploit by SkD This is advanced buffer overflow exploitation using my...
php-mbstring -- php mbstring buffer overflow vulnerability
SecurityFocus reports: PHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data to insufficiently sized memory buffers. The issue affects the 'mbstring' extension included in the standard distribution. An attacker can exploit th...
AutositePHP 2.0.3 LFI/XSRF/File Editing
AutositePHP v2.0.3 LFI/CSRF/Edit File Multiple Remote Vulnerabilities + Discovered By SirGod + Greetz : All my friends + Download Script : http://sourceforge.net/projects/autositephp/ + Local File Inclusion PoC 1 : http://target/path/index.php?page=users/Local File Example 1 :...
autositephp 2.0.3 - Local File Inclusion / Cross-Site Request Forgery / Edit File
AutositePHP v2.0.3 LFI/CSRF/Edit File Multiple Remote Vulnerabilities + Discovered By SirGod + Greetz : All my friends + Download Script : http://sourceforge.net/projects/autositephp/ + Local File Inclusion PoC 1 : http://target/path/index.php?page=users/Local File Example 1 :...
AutositePHP 2.0.3 (LFI/CSRF/Edit File) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications. AutositePHP 2.0.3 LFI/CSRF/Edit File Multiple Remote Vulnerabilities + AutositePHP v2.0.3...
Fantastico - index.php Local File Inclusion
Fantastico - index.php Local File Inclusion source: https://www.securityfocus.com/bid/32578/info Fantastico is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts ...
Fantastico - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/32578/info Fantastico is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of the webserver process. Thi...
CuteNews aj-fork - path Remote File Inclusion
CuteNews aj-fork - path Remote File Inclusion source: https://www.securityfocus.com/bid/32141/info CuteNews aj-fork is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
CuteNews aj-fork - 'path' Remote File Inclusion
source: https://www.securityfocus.com/bid/32141/info CuteNews aj-fork is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in t...
Struts 2.0.11 - Multiple Directory Traversal Vulnerabilities
Struts 2.0.11 - Multiple Directory Traversal Vulnerabilities source: https://www.securityfocus.com/bid/32104/info Struts is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues using...
Struts 2.0.11 - Multiple Directory Traversal Vulnerabilities
source: https://www.securityfocus.com/bid/32104/info Struts is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit these issues using directory-traversal strings '../' to download arbitrary files...
H2O-CMS 3.4 - PHP Code Injection Cookie Authentication Bypass
H2O-CMS 3.4 - PHP Code Injection Cookie Authentication Bypass source: https://www.securityfocus.com/bid/31961/info H2O-CMS is prone to a PHP code-injection vulnerability and a cookie authentication-bypass vulnerability. An attacker can exploit the PHP code-injection issue to inject and execute...
bcoos 1.0.13 - common.php Remote File Inclusion
bcoos 1.0.13 - common.php Remote File Inclusion source: https://www.securityfocus.com/bid/31929/info The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote fil...
bcoos 1.0.13 - 'common.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/31929/info The 'bcoos' program is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it i...
[SECURITY] Fedora 8 Update: mantis-1.1.4-1.fc8
Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation...
[SECURITY] Fedora 9 Update: mantis-1.1.4-1.fc9
Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation...
DSA-1645-1 lighttpd - various problems
Bulletin has no description...