NFR Agent FSFUI Record Arbitrary Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent FSFUI Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...

BugPoC: XSS PoC for the wacky.buggywebsite.com challenge

Summary: https://wacky.buggywebsite.com/frame.html is vulnerable to DOM-based XSS. Steps To Reproduce: 1. Navigate to https://oembed.dev.ipwnedyour.net/wacky.buggywebsite.com.xss.html 1. Verify the document's origin is displayed in an alert box. PoC code details: The PoC page at...

NewStart CGSL MAIN 5.04 : libreoffice Vulnerability (NS-SA-2019-0013)

The remote NewStart CGSL host, running version MAIN 5.04, has libreoffice packages installed that are affected by a vulnerability: - A flaw was found in libreoffice before 5.4.5 and before 6.0.1. Arbitrary remote file disclosure may be achieved by the use of the WEBSERVICE formula in a specially...

Premod SubDog 2 includes/logger_engine.php phpbb_root_path Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/22912/info Premod SubDog 2 is prone to multiple remote file-include vulnerabilities. An attacker can exploit these issues to include an arbitrary remote file containing malicious PHP code and execute it in the context of...

PhpLeague 0.81 consult/miniseul.php cheminmini Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/20756/info Php League is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...

MediaSlash Gallery Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...

IDevSpot PHPHostBot 1.0 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19084/info PHPHostBot is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...

In-Portal In-Link 2.3.4 ADODB_DIR.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19824/info In-portal In-link is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

DreamCost HostAdmin 3.0 Index.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/16682/info HostAdmin is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19593/info The Mambo Rssxt component for Joomla and Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an...

Prototype of an PHP application 0.1 ident/index.php path_inc Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/24266/info 'Prototype of an PHP application' is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to...

Mambo Display MOSBot Manager Component mosConfig_absolute_path Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19621/info The Mambo Display MOSBot Manager component is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

Mambo LMTG Myhomepage 1.2 Component Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19584/info The lmtgmyhomepage component for Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitra...

CMS Faethon 1.3.2 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18489/info CMS Faethon is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to have an arbitrary remo...

CyBoards PHP Lite 1.21/1.25 Common.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18272/info CyBoards PHP Lite is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the...

ezContents 2.0.3 gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...

RahnemaCo Page.PHP PageID Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18490/info RahnemaCo is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver...

AlstraSoft Video Share Enterprise 4.x MyajaxPHP.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19724/info AlstraSoft Video Share Enterprise is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote fil...

Small Axe Weblog 0.3.1 'ffile' Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/27383/info Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19462/info Tiny Web Gallery is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary...