5285 matches found
PHPSavant Savant2 - Stylesheet.php?MosConfig_absolute_path Remote File Inclusion
PHPSavant Savant2 - Stylesheet.php?MosConfigabsolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/19151/info Savant2 is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to...
PHPSavant Savant2 - 'Stylesheet.php?MosConfig_absolute_path' Remote File Inclusion
source: https://www.securityfocus.com/bid/19151/info Savant2 is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing malicious PHP code and execute it in t...
Prince Clan Chess Club 0.8 - Include.PCchess.php Remote File Inclusion
Prince Clan Chess Club 0.8 - Include.PCchess.php Remote File Inclusion source: https://www.securityfocus.com/bid/19138/info Prince Clan Chess Club for Mambo is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issu...
Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion
Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion source: https://www.securityfocus.com/bid/19127/info Vanilla is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
Advisory: Remote command execution in planetGallery
Advisory: Remote command execution in planetGallery An admin of planetGallery is allowed to create new galleries and upload images. Because of a vulnerable regular expression, he may also upload PHP scripts and thereby execute arbitrary commands with the privileges of PHP. Details ======= Product...
Prince Clan Chess Club 0.8 - 'Include.PCchess.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19138/info Prince Clan Chess Club for Mambo is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and...
Lussumo Vanilla 1.0 - RootDirectory Remote File Inclusion
source: https://www.securityfocus.com/bid/19127/info Vanilla is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the contex...
Microsoft Internet Explorer - MDAC Remote Code Execution (MS06-014)
Microsoft Internet Explorer - MDAC Remote Code Execution MS06-014 !/bin/sh - "exec" "python" "-O" "$0" "$@" doc = """BL4CK - MS06-014 RDS.DataStore - Data Execution CVS-2006-0003 MS06-014 April 2006 this is a bit out-dated, but works very well Usage: ./bl4ckms06014.py...
Advanced Poll 2.0.2 - common.inc.php Remote File Inclusion
Advanced Poll 2.0.2 - common.inc.php Remote File Inclusion source: https://www.securityfocus.com/bid/19105/info Advanced Poll is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have a...
Advanced Poll 2.0.2 - 'common.inc.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19105/info Advanced Poll is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input to the application. An attacker may leverage this issue to have an arbitrary remote file containing malicious script code...
IDevSpot PHPLinkExchange 1.0 - index.php Remote File Inclusion
IDevSpot PHPLinkExchange 1.0 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/19083/info PHPLinkExchange is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...
MiniBB 1.5 - 'news.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19095/info MiniBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP code and execute it in the context o...
IDevSpot PHPHostBot 1.0 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19084/info PHPHostBot is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...
IDevSpot PHPLinkExchange 1.0 - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19083/info PHPLinkExchange is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in th...
Mambo Module Calendar 1.5.7 - Com_Calendar.php Remote File Inclusion
Mambo Module Calendar 1.5.7 - ComCalendar.php Remote File Inclusion source: https://www.securityfocus.com/bid/19027/info The Calendar module for Mambo is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An...
ListMessenger 0.9.3 - LM_Path Remote File Inclusion
ListMessenger 0.9.3 - LMPath Remote File Inclusion source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...
ListMessenger 0.9.3 - 'LM_Path' Remote File Inclusion
source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicio...
Mambo Module Calendar 1.5.7 - 'Com_Calendar.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/19027/info The Calendar module for Mambo is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
Update Protection against Geeklog Remote Code Execution Vulnerability
Geeklog is a PHP/MySQL based application for managing dynamic web content. Geeklog CMS fails to validate multiple file extensions, potentially allowing a remote attacker to upload malicious script code, which will be executed in the context of the webserver process...
Subberz Lite - UserFunc Remote File Inclusion
Subberz Lite - UserFunc Remote File Inclusion source: https://www.securityfocus.com/bid/18990/info SubberZLite is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containi...