81 matches found
NFR Agent FSFUI Record Arbitrary Remote File Access
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent FSFUI Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...
BugPoC: XSS PoC for the wacky.buggywebsite.com challenge
Summary: https://wacky.buggywebsite.com/frame.html is vulnerable to DOM-based XSS. Steps To Reproduce: 1. Navigate to https://oembed.dev.ipwnedyour.net/wacky.buggywebsite.com.xss.html 1. Verify the document's origin is displayed in an alert box. PoC code details: The PoC page at...
NewStart CGSL MAIN 5.04 : libreoffice Vulnerability (NS-SA-2019-0013)
The remote NewStart CGSL host, running version MAIN 5.04, has libreoffice packages installed that are affected by a vulnerability: - A flaw was found in libreoffice before 5.4.5 and before 6.0.1. Arbitrary remote file disclosure may be achieved by the use of the WEBSERVICE formula in a specially...
Mambo Rssxt Component 1.0 MosConfig_absolute_path Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19593/info The Mambo Rssxt component for Joomla and Mambo is prone multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an...
DreamCost HostAdmin 3.0 Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16682/info HostAdmin is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...
In-Portal In-Link 2.3.4 ADODB_DIR.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19824/info In-portal In-link is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...
PhpLeague 0.81 consult/miniseul.php cheminmini Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20756/info Php League is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...
CMS Faethon 1.3.2 - Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/18489/info CMS Faethon is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input to the application. An attacker may leverage these issues to have an arbitrary remo...
Dotproject 2.0 /modules/public/date_format.php baseDir Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
ezContents 2.0.3 calendar.php GLOBALS[language_home] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
DieselScripts Smart Traffic Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19630/info Smart Traffic is prone a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...
ezContents 2.0.3 gallery_summary.php GLOBALS[admin_home] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
phpMyTourney 2 - tourney/index.php Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28057/info phpMyTourney is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing maliciou...
Tiny Web Gallery 1.5 Image Parameter Multiple Remote File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/19462/info Tiny Web Gallery is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary...
MediaSlash Gallery Index.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...
AlstraSoft Video Share Enterprise 4.x MyajaxPHP.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/19724/info AlstraSoft Video Share Enterprise is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote fil...
RahnemaCo Page.PHP PageID Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18490/info RahnemaCo is prone to a remote file-include vulnerability. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context of the webserver...
ezContents 2.0.3 search.php GLOBALS[language_home] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/19776/info ezContents is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Calendarix 0.7 'calpath' Parameter Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/37673/info Calendarix is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious...
Small Axe Weblog 0.3.1 'ffile' Parameter Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27383/info Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...