5285 matches found
Actionpoll 1.1.1 - '/db/DataReaderWriter.php?CONFIG_DB' Remote File Inclusion
source: https://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code a...
PunBB 1.x - SQL Injection
source: https://www.securityfocus.com/bid/20786/info PunBB is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may exploit these issues to execute arbitrary script code in the context of the webserver process or to pass...
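Gallery main.php Remote Directory Traversal Vulnerability
Gallery is a web-based open-source photo album manager. Gallery contains a directory traversal vulnerability: using a specially crafted URL, an attacker can, without logging in, access any file on the server that the webserver can read, leading to disclosure of sensitive information. Gallery Gallery 2.0-Beta3 Vendor patch: Gallery ------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page: Gallery Upgrade gallery-2.0.1-typical.tar.gz http://prdownloads.sourceforge.net/gallery/gallery-2.0.1-typical.tar.gz...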
PLS-Bannieres 1.21 - Bannieres.php Remote File Inclusion
PLS-Bannieres 1.21 - Bannieres.php Remote File Inclusion source: https://www.securityfocus.com/bid/20772/info PLS-Bannieres is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote...
PLS-Bannieres 1.21 - 'Bannieres.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20772/info PLS-Bannieres is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...
PHPLeague 0.81 - consultminiseul.php?cheminmini Remote File Inclusion
PHPLeague 0.81 - consultminiseul.php?cheminmini Remote File Inclusion source: https://www.securityfocus.com/bid/20756/info Php League is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include...
PHPLeague 0.81 - '/consult/miniseul.php?cheminmini' Remote File Inclusion
source: https://www.securityfocus.com/bid/20756/info Php League is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it...
Zorum 3.5 - DBProperty.php Remote File Inclusion
Zorum 3.5 - DBProperty.php Remote File Inclusion source: https://www.securityfocus.com/bid/20606/info Zorum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary...
Free FAQ 1.0 - index.php Remote File Inclusion
Free FAQ 1.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/20621/info Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary...
Free FAQ 1.0 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20621/info Free Faq is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with...
Zorum 3.5 - 'DBProperty.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20606/info Zorum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with the...
PHP Live Helper 1.17 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/20603/info PHP Live Helper is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver process. This may...
PHP Live Helper 1.17 - Multiple Remote File Inclusions
PHP Live Helper 1.17 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/20603/info PHP Live Helper is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute ...
Lodel CMS 0.7.3 - 'Calcul-page.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20551/info Lodel CMS is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. A successful exploit of this issue allows an attacker to execute arbitrary server-side script code on an affected computer with...
Maintain 3.0.0-RC2 - Example6.php Remote File Inclusion
Maintain 3.0.0-RC2 - Example6.php Remote File Inclusion source: https://www.securityfocus.com/bid/20560/info Maintain is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
ironwebmail 6.1.1 - Directory Traversal Information Disclosure
ironwebmail 6.1.1 - Directory Traversal Information Disclosure source: https://www.securityfocus.com/bid/20436/info IronWebMail is prone to a remote information-disclosure vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue allows remote,...
ironwebmail 6.1.1 - Directory Traversal Information Disclosure
source: https://www.securityfocus.com/bid/20436/info IronWebMail is prone to a remote information-disclosure vulnerability because the application fails to properly sanitize user-supplied input. Exploiting this issue allows remote, unauthenticated attackers to retrieve the contents of arbitrary...
Maintain 3.0.0-RC2 - 'Example6.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/20560/info Maintain is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the conte...
PHP TopSites FREE 1.022b - config.php Remote File Inclusion
PHP TopSites FREE 1.022b - config.php Remote File Inclusion source: https://www.securityfocus.com/bid/20486/info PHP TopSites is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker can exploit this issue to have malicious PH...
FreeWPS 2.11 - upload.php Remote Command Execution
FreeWPS 2.11 - upload.php Remote Command Execution source: https://www.securityfocus.com/bid/20494/info FreeWPS is prone to a remote command-execution vulnerability. Attackers can exploit this issue to execute arbitrary system commands with the privileges of the webserver process. FreeWPS version...