1049 matches found
LittlePhpGallery 'gallery.php' Local File Include Vulnerability
LittlePhpGallery is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This ma...
Joomla Component 'com_jimtawl' <= 1.0.2 LFI Vulnerability - Active Check
The SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:joomla:joomla"; if description scriptoid"1.3.6.1.4.1.25623.1.0.100919";...
Joomla Component 'com_jimtawl' Local File Include Vulnerability
The 'comjimtawl' component for Joomla! is prone to a local file- include vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the...
Joomla Component 'com_img' Local File Include Vulnerability
The 'comimg' component for Joomla! is prone to a local file- include vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver...
TFTgallery 'thumbnailformpost.inc.php' Local File Include Vulnerability
TFTgallery is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow t...
Online Grades Multiple Local File Include Vulnerabilities
Online Grades is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker with admin access can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the...
Joomla! Component Jstore - Controller Local File Inclusion
Joomla! Component Jstore - Controller Local File Inclusion source: https://www.securityfocus.com/bid/44053/info The 'comjstore' component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerabilit...
LightOpenCMS 'smarty.php' LFI Vulnerability
LightOpenCMS is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may...
Uebimiau Webmail 'stage' Parameter Local File Include Vulnerability
Uebimiau Webmail is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
NWS-Classifieds - cmd Local File Inclusion
NWS-Classifieds - cmd Local File Inclusion source: https://www.securityfocus.com/bid/43259/info NWS-Classifieds is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...
HeffnerCMS 1.22 - 'index.php' Local File Inclusion
source: https://www.securityfocus.com/bid/43006/info HeffnerCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts i...
Groupmax World Wide Web Desktop Cross-Site Scripting Vulnerability
Overview Groupmax World Wide Web Desktop is vulnerable to cross-site scripting. Impact A remote attacker could execute arbitrary scripts on the affected system. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...
AneCMS 1.0 - Multiple Local File Inclusions
AneCMS 1.0 - Multiple Local File Inclusions source: https://www.securityfocus.com/bid/39416/info AneCMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive...
AneCMS 1.0 - Multiple Local File Inclusions
source: https://www.securityfocus.com/bid/39416/info AneCMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local...
Saskias ShopSystem - id Local File Inclusion
Saskias ShopSystem - id Local File Inclusion source: https://www.securityfocus.com/bid/38574/info Saskia's Shopsystem is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitiv...
TikiWiki jhot.php Script File Upload Security Bypass (CVE-2006-4602)
TikiWiki, also known as Tiki CMS/Groupware or simply Tiki, is a powerful wiki-based Content Management System CMS which allows users and/or groups of users to manage their data on-line via a web browser. TikiWiki provides numerous features, including Wiki-based Documentation, Groupware, Blogging...
SiteX 'THEME_FOLDER' Parameter Multiple Local File Include Vulnerabilities
SiteX is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the...
Oracle Application Server vulnerable to cross-site scripting
Overview Oracle Application Server from Oracle contains a cross-site scripting vulnerability. Oracle Application Server from Oracle is an application server. Oracle Application Server contains a cross-site scripting vulnerability. Daiki Fukumori reported this vulnerability to IPA. JPCERT/CC...
Simple PHP Blog v0.5.1 Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications ========================================================= Simple PHP Blog v0.5.1 Local File Inclusion Vulnerability ========================================================= Simple PHP Blog is prone to a local file-include vulnerability...
FlatPress 'userid' Parameter Local File Include Vulnerability
FlatPress is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow th...