32 matches found
PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability
No description provided by source. PRADO PHP Framework 3.2.0 Arbitrary File Read Vulnerability Vendor: Prado Software Product web page: http://www.pradosoft.com Affected version: 3.2.0 r3169 Summary: PRADO is a component-based and event-driven programming framework for developing Web applications...
phlyLabs phlyMail Lite 4.03.04 (go param) Open Redirect Vulnerability
No description provided by source. phlyLabs phlyMail Lite 4.03.04 go param Open Redirect Vulnerability Vendor: phlyLabs Product web page: http://www.phlymail.com Affected version: Lite 4.03.04 Summary: phlyMail offers you an interface in the browser to have access to your emails, contacts,...
Ovidentia 7.9.4 - Multiple Vulnerabilities
No description provided by source. Ovidentia 7.9.4 Multiple Remote Vulnerabilities Vendor: Cantico Product web page: http://www.ovidentia.org Affected version: 7.9.4 Summary: Ovidentia is both a content management system (CMS) and a collaborative environment (Groupware). Desc: Input passed via...
LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities
No description provided by source. LimeSurvey v2.00+ build 131107 Script Insertion And SQL Injection Vulnerability Vendor: LimeSurvey Project Team Product web page: http://www.limesurvey.org Affected version: 2.00+ build 131009 2.00+ build 131022 2.00+ build 131031 2.00+ build 131107 Summary:...
ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability
No description provided by source. ViArt Shop Enterprise 4.1 Arbitrary Command Execution Vulnerability Vendor: ViArt Software Product web page: http://www.viart.com Affected version: 4.1, 4.0.8, 4.0.5 Summary: Viart Shop is a PHP based e-commerce suite, aiming to provide everything you nee...
BoxBilling 3.6.11 - mod_notification Persistent Cross-Site Scripting
BoxBilling 3.6.11 - mod_notification Persistent Cross-Site Scripting BoxBilling 3.6.11 mod_notification Stored Cross-Site Scripting Vulnerability Vendor: BoxBilling Product web page: http://www.boxbilling.com Affected version: 3.6.11 mod_notification 1.0.0 Summary: BoxBilling is a free billing,...
Practico 13.9 XSS / CSRF / SQL Injection
Practico 13.9 Multiple Vulnerabilities Vendor: Practico Product web page: http://www.codigoabierto.org Affected version: 13.9 Summary: Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely visual and fast fashion. Without...
Practico 13.9 - Multiple Vulnerabilities
Practico 13.9 - Multiple Vulnerabilities Practico 13.9 Multiple Vulnerabilities Vendor: Practico Product web page: http://www.codigoabierto.org Affected version: 13.9 Summary: Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely...
Practico 13.9 - Multiple Vulnerabilities
Practico 13.9 Multiple Vulnerabilities Vendor: Practico Product web page: http://www.codigoabierto.org Affected version: 13.9 Summary: Practico is a free CMS software project released under license GNU GPL v2.0 for creating web applications in a completely visual and fast fashion. Without...
ImpressPages CMS 3.6 Arbitrary File Deletion
ImpressPages CMS v3.6 Remote Arbitrary File Deletion Vulnerability Vendor: ImpressPages UAB Product web page: http://www.impresspages.org Affected version: 3.6 Summary: ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Desc: Input passed to...
ImpressPages CMS 3.6 Cross Site Scripting / SQL Injection
ImpressPages CMS v3.6 Multiple XSS/SQLi Vulnerabilities Vendor: ImpressPages UAB Product web page: http://www.impresspages.org Affected version: 3.6 Summary: ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Desc: Input passed via several...
WordPress WooCommerce 2.0.17 Cross Site Scripting
WordPress WooCommerce Plugin 2.0.17 Cross-Site Scripting Vulnerability Vendor: WooThemes Product web page: http://www.woothemes.com Affected version: 2.0.17 and 2.0.14 Summary: WooCommerce is an open source e-commerce plugin for WordPress. Desc: The plugin suffers from an XSS issue due to a...
Gnew 2013.1 Cross Site Scripting / SQL Injection Vulnerabilities
Gnew 2013.1 suffers from cross site scripting and remote SQL injection vulnerabilities. Gnew v2013.1 Multiple XSS And SQL Injection Vulnerabilities Vendor: Raoul Proença Product web page: http://www.gnew.fr Affected version: 2013.1 Summary: Gnew is a simple Content Management System written with...
FluxBB 1.5.3 - Multiple Vulnerabilities
Exploit for php platform in category web applications FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-si...
FluxBB 1.5.3 - Multiple Vulnerabilities
FluxBB 1.5.3 Multiple Remote Vulnerabilities Vendor: FluxBB Product web page: http://www.fluxbb.org Affected version: 1.5.3 Summary: FluxBB is fast, light, user-friendly forum software for your website. Desc: FluxBB suffers from a cross-site scripting, cross-site request forgery and URL...
Qool CMS 2.0 RC2 Cross Site Scripting
Qool CMS v2.0 RC2 Multiple HTML And JavaScript Injection Vulnerabilities input type="hidden" name="lib" value="default"...
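Piwigo Arbitrary File Disclosure and Arbitrary File Deletion Vulnerabilities
BUGTRAQ ID: 58016 Piwigo is a photo gallery script written in PHP. Piwigo 2.4.6 and other versions do not properly validate the value of the 'dl' parameter of the install.php script, which is a security flaw in the implementation; attackers can exploit these vulnerabilities to view arbitrary files on the affected computer and to delete arbitrary files within the context of the affected application. 0 Piwigo Piwigo 2.4.6 Vendor patch: Piwigo ------ The vendor has released an upgrade patch to fix this security issue; download it from the vendor's home page: http://piwigo.org/bugs/view.php?id=2843...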
Piwigo 2.4.6 - '/install.php' Arbitrary File Read/Delete
Piwigo 2.4.6 install.php Remote Arbitrary File Read/Delete Vulnerability Vendor: Piwigo project Product web page: http://www.piwigo.org Affected version: 2.4.6 Summary: Piwigo is a photo gallery software for the web that comes with powerful features to publish and manage your collection of...
Piwigo 2.4.6 - install.php Arbitrary File Read/Delete
Piwigo 2.4.6 - install.php Arbitrary File Read/Delete Piwigo 2.4.6 install.php Remote Arbitrary File Read/Delete Vulnerability Vendor: Piwigo project Product web page: http://www.piwigo.org Affected version: 2.4.6 Summary: Piwigo is a photo gallery software for the web that comes with powerful...
phlyLabs phlyMail Lite 4.03.04 XSS / Path Disclosure
phlyLabs phlyMail Lite 4.03.04 Path Disclosure and Stored XSS Vulnerabilities input type="hidden" name="M...