5286 matches found
EZContents - 'minicalendar.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/30373/info ezContents CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allo...
EZContents - minicalendar.php Remote File Inclusion
EZContents - minicalendar.php Remote File Inclusion source: https://www.securityfocus.com/bid/30373/info ezContents CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in...
[SECURITY] Fedora 8 Update: mantis-1.1.2-1.fc8
Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation...
[SECURITY] Fedora 9 Update: mantis-1.1.2-1.fc9
Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation...
Flip 3.0 - 'config.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/30312/info Flip is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allow the...
XOOPS 2.0.18 - '/modules/system/admin.php?fct' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/30330/info XOOPS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal...
XOOPS 2.0.18 - modulessystemadmin.php?fct Cross-Site Scripting
XOOPS 2.0.18 - modulessystemadmin.php?fct Cross-Site Scripting source: https://www.securityfocus.com/bid/30330/info XOOPS is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the...
Flip 3.0 - config.php Remote File Inclusion
Flip 3.0 - config.php Remote File Inclusion source: https://www.securityfocus.com/bid/30312/info Flip is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of th...
Lemon CMS 1.10 - 'browser.php' Local File Inclusion
source: https://www.securityfocus.com/bid/30285/info Lemon CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local files within the context of the...
Lemon CMS 1.10 - browser.php Local File Inclusion
Lemon CMS 1.10 - browser.php Local File Inclusion source: https://www.securityfocus.com/bid/30285/info Lemon CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings t...
Community CMS 0.1 - 'include.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/30275/info Community CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allow...
Community CMS 0.1 - include.php Remote File Inclusion
Community CMS 0.1 - include.php Remote File Inclusion source: https://www.securityfocus.com/bid/30275/info Community CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code i...
OpenPro 1.3.1 - 'search_wA.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/30264/info OpenPro is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the webserver process. This may allow the...
OpenPro 1.3.1 - search_wA.php Remote File Inclusion
OpenPro 1.3.1 - searchwA.php Remote File Inclusion source: https://www.securityfocus.com/bid/30264/info OpenPro is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the...
ImperialBB <= 2.3.5 Remote File Upload Exploit
No description provided by source. Title : ImperialBB = 2.3.5 Remote File Upload Vulnerability Date : 5th July 2008 Found by : PHPLizardo - http://phplizardo.2gb.fr Greetz : Gu1ll4um3r0m41n Howto : 1. Go to your User Control Panel 2. Upload any file you want 3. Tamper the request and change the...
ImperialBB 2.3.5 - Arbitrary File Upload
Title : ImperialBB :\r\n\n"; $code = trimfgetsSTDIN; $socket = @fsockopen$argv1, 80, $eno, $estr, 30;...
httpd cross-site scripting flaw in mod_imap
Cross-site scripting XSS vulnerability in the modimap module of Apache httpd before 1.3.35-dev and Apache httpd 2.0.x before 2.0.56-dev allows remote attackers to inject arbitrary web script or HTML via the Referer when using image maps...
A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/29912/info A+ PHP Scripts News Management System is prone to multiple input-validation vulnerabilities, including a remote file-include issue, multiple local file-include issues, and a cross-site scripting issue. An attacker can exploit these...
A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities
A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/29912/info A+ PHP Scripts News Management System is prone to multiple input-validation vulnerabilities, including a remote file-include issue, multiple local file-includ...
Open Digital Assets Repository System 1.0.2 - Remote File Inclusion
source: https://www.securityfocus.com/bid/29881/info Open Digital Assets Repository System ODARS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker can exploit this issue to execute malicious PHP code in the context of the...