AIDeX Mini-WebServer 1.1 - Remote Crash (Denial of Service)

AIDeX Mini-WebServer 1.1 - Remote Crash Denial of Service import socket print "---------------------------------------------------------------------" print " AID'eX Mini-Webserver Verion 1.1 early Release 3 Denial of Service" print " url: http://www.aidex.de/software/webserver/" print " author:...

AIDeX Mini-WebServer 1.1 - Remote Crash (Denial of Service)

import socket print "---------------------------------------------------------------------" print " AID'eX Mini-Webserver Verion 1.1 early Release 3 Denial of Service" print " url: http://www.aidex.de/software/webserver/" print " author: shinnai" print " mail: shinnaiatautisticidotorg" print "...

Hosting Controller 7C - FolderManager.aspx Directory Traversal

Hosting Controller 7C - FolderManager.aspx Directory Traversal source: https://www.securityfocus.com/bid/21786/info Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to modi...

FreeQBoard 1.01.1 - QB_Path Multiple Remote File Inclusions

FreeQBoard 1.01.1 - QBPath Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/21394/info FreeQboard is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. A successful exploit of these issues allows an attacker to...

Hosting Controller 7C - 'FolderManager.aspx' Directory Traversal

source: https://www.securityfocus.com/bid/21786/info Hosting Controller is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to modify or retrieve arbitrary files in the context of the webserver...

Mono XSP 1.x2.0 - Source Code Information Disclosure

Mono XSP 1.x2.0 - Source Code Information Disclosure source: https://www.securityfocus.com/bid/21687/info XSP is prone to a source code information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary...

Mono XSP 1.x/2.0 - Source Code Information Disclosure

source: https://www.securityfocus.com/bid/21687/info XSP is prone to a source code information-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to retrieve arbitrary files from the vulnerable system in the context of th...

GenesisTrader 1.0 - form.php Multiple Cross-Site Scripting Vulnerabilities

GenesisTrader 1.0 - form.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include...

GenesisTrader 1.0 - form.php Arbitrary File Source Disclosure

GenesisTrader 1.0 - form.php Arbitrary File Source Disclosure source: https://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple...

GenesisTrader 1.0 - 'form.php' Arbitrary File Source Disclosure

source: https://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple information-disclosure vulnerabilities, an arbitrary file-upload...

MXBB Profile Control Panel 0.91c - Module Remote File Inclusion

source: https://www.securityfocus.com/bid/21520/info The mxBB profile Control Panel module is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary server-side script code on an affected...

Boonex 2.0 Dolphin - index.php Remote File Inclusion

Boonex 2.0 Dolphin - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/21182/info Dolphin is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to have malicious PHP code execute in the...

[MajorSecurity Advisory #35]Travelsized CMS - Multiple Cross Site Scripting Issues

MajorSecurity Advisory 35Travelsized CMS - Multiple Cross Site Scripting Issues Details ======= Product: Travelsized CMS Affected Version: = 0.4.1 Security-Risk: moderated Remote-Exploit: yes Vendor-URL: http://leinir.dk/travelsized/ Vendor-Status: informed Advisory-Status: published Credits...

Boonex 2.0 Dolphin - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/21182/info Dolphin is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to have malicious PHP code execute in the context of the webserver process. This may allow the...

Wabbit PHP Gallery 0.9 - 'Dir' Directory Traversal

source: https://www.securityfocus.com/bid/21213/info Wabbit PHP Gallery is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to retrieve the contents of arbitrary files in the context of the...

PHP Upload Tool 1.0 - Arbitrary File Upload Directory Traversal

PHP Upload Tool 1.0 - Arbitrary File Upload Directory Traversal source: https://www.securityfocus.com/bid/21150/info PHP Upload Tool is prone to an arbitrary file-upload vulnerability and a directory-traversal vulnerability. These issues occur because the application fails to sanitize user-suppli...

PHP Upload Tool 1.0 - Arbitrary File Upload / Directory Traversal

source: https://www.securityfocus.com/bid/21150/info PHP Upload Tool is prone to an arbitrary file-upload vulnerability and a directory-traversal vulnerability. These issues occur because the application fails to sanitize user-supplied data. An attacker could exploit these issues to execute code ...

Kerio WebSTAR 5.4.2 (OSX) - libucache.dylib Local Privilege Escalation

Kerio WebSTAR 5.4.2 OSX - libucache.dylib Local Privilege Escalation !/usr/bin/perl http://www.digitalmunition.com written by kf kflistsatdigitalmunitiondotcom you must have access to the webstar user or be in the admin group This is currently not patched... chmod -s your kerio binaries foreach...

Conxint FTP 2.2.603 - Multiple Directory Traversal Vulnerabilities

Conxint FTP 2.2.603 - Multiple Directory Traversal Vulnerabilities source: https://www.securityfocus.com/bid/21081/info Conxint is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a...

Conxint FTP 2.2.603 - Multiple Directory Traversal Vulnerabilities

source: https://www.securityfocus.com/bid/21081/info Conxint is prone to multiple directory-traversal vulnerabilities because the application fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow a remote attacker to access any file on the affected webserver. Versio...