Debian: Security Advisory (DSA-1167-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1362-1 (lighttpd)

The remote host is missing an update to lighttpd announced via advisory DSA 1362-1. This VT has been deprecated and merged into the VT SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities

waraxe-2008-SA061 - Remote Code Execution in MyBB 1.2.10 =============================================================================== Author: Janek Vind "waraxe" Independent discovery: koziolek Date: 16. January 2008 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-61.html Target...

MyBulletinBoard (MyBB) 1.2.10 - Multiple Vulnerabilities

MyBulletinBoard MyBB 1.2.10 - Multiple Vulnerabilities waraxe-2008-SA061 - Remote Code Execution in MyBB 1.2.10 =============================================================================== Author: Janek Vind "waraxe" Independent discovery: koziolek Date: 16. January 2008 Location: Estonia, Tar...

Members Area System 1.7 - view_func.php Remote File Inclusion

Members Area System 1.7 - viewfunc.php Remote File Inclusion source: https://www.securityfocus.com/bid/27244/info Members Area System is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitra...

Members Area System 1.7 - 'view_func.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/27244/info Members Area System is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it i...

[SECURITY] Fedora 8 Update: mantis-1.1.0-1.fc8

Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation...

[SECURITY] Fedora 7 Update: mantis-1.1.0-1.fc7

Mantis is a web-based bugtracking system. It is written in the PHP scripting language and requires the MySQL database and a webserver. Mantis has been installed on Windows, MacOS, OS/2, and a variety of Unix operating systems. Any web browser should be able to function as a client. Documentation...

NetRisk 1.9.7 - index.php Remote File Inclusion

NetRisk 1.9.7 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/27136/info netRisk is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code on an affect...

NetRisk 1.9.7 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/27136/info netRisk is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code on an affected computer with the privileges of the webserver...

InfoSoft FusionCharts 3 - .swf Flash File Remote Code Execution

InfoSoft FusionCharts 3 - .swf Flash File Remote Code Execution source: https://www.securityfocus.com/bid/27109/info InfoSoft FusionCharts is prone to a remote code-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue t...

MODx 0.9.6.1 - htcmime.php Source Code Information Disclosure

MODx 0.9.6.1 - htcmime.php Source Code Information Disclosure source: https://www.securityfocus.com/bid/27096/info MODx is prone to a vulnerability that allows attackers to access source code because the application fails to properly sanitize user-supplied input. An attacker can exploit this...

MODx 0.9.6.1 - 'htcmime.php' Source Code Information Disclosure

source: https://www.securityfocus.com/bid/27096/info MODx is prone to a vulnerability that allows attackers to access source code because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable syst...

SiteScape Forum - dispatch.cgi Tcl Command Injection

SiteScape Forum - dispatch.cgi Tcl Command Injection source: https://www.securityfocus.com/bid/26963/info SiteScape Forum is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in th...

SiteScape Forum - 'dispatch.cgi' Tcl Command Injection

source: https://www.securityfocus.com/bid/26963/info SiteScape Forum is prone to a command-injection vulnerability because it fails to adequately sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in the context of the webserver process. Successful exploi...

rooter VDSL Device (Goahead WEBSERVER) Disclosure Vulnerability

No description provided by source. -------------------------------------------------------------------------------- WebServer powered by goahead WEBSERVER Vulnerability on : FS4104-AW - Full-Service VDSL Device exemple : IP : 81.240.1.1 to 81.240.1.254 / port : 80 exploit :...

FS4104-AW VDSL Device (Rooter) - GoAhead WebServer Disclosure

-------------------------------------------------------------------------------- WebServer powered by goahead WEBSERVER Vulnerability on : FS4104-AW - Full-Service VDSL Device exemple : IP : 81.240.1.1 to 81.240.1.254 / port : 80 exploit : =http://ip/goform/QuickStartc0 =source =password disclosu...

rooter VDSL Device (Goahead WEBSERVER) Disclosure Vulnerability

Exploit for hardware platform in category remote exploits =============================================================== rooter VDSL Device Goahead WEBSERVER Disclosure Vulnerability ===============================================================...

FS4104-AW VDSL Device (Rooter) - GoAhead WebServer Disclosure

FS4104-AW VDSL Device Rooter - GoAhead WebServer Disclosure -------------------------------------------------------------------------------- WebServer powered by goahead WEBSERVER Vulnerability on : FS4104-AW - Full-Service VDSL Device exemple : IP : 81.240.1.1 to 81.240.1.254 / port : 80 exploit...

PHP Security Framework - Multiple Input Validation Vulnerabilities

PHP Security Framework - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/26898/info PHP Security Framework is prone to multiple input-validation vulnerabilities, including multiple SQL-injection issues and remote file-include issues. A successful exploit may...