dotProject <= 2.0.3 (baseDir) Remote File Inclusion Vulnerability

No description provided by source. Credits : h4ntu Title : dotProject = 2.0.3 Remote File Inclusion URL : http://www.dotproject.net/ Exploit : http://target.com/dotProjectpath/includes/dbadodb.php?baseDir=attacker milw0rm.com 2006-06-20...

Dotproject 2.0 /modules/tasks/gantt.php baseDir Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

Dotproject 2.0 /modules/projects/vw_files.php dPconfig[root_dir] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

Dotproject 2.0 /modules/public/calendar.php baseDir Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

Dotproject 2.0 /modules/projects/gantt2.php dPconfig[root_dir] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

Dotproject 2.0 /modules/public/date_format.php baseDir Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...

Multiple vulnerabilities in dotProject

Advisory ID: HTB23124 Product: dotProject Vendor: dotproject.net Vulnerable Versions: 2.1.6 and probably prior Tested Version: 2.1.6 Vendor Notification: October 31, 2012 Vendor Patch: November 7, 2012 Public Disclosure: November 21, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site...

dotProject 2.1.6 Cross Site Scripting / SQL Injection

dotProject version 2.1.6 suffers from cross site scripting and remote SQL injection vulnerabilities. Product: dotProject Vendor: dotproject.net Vulnerable Versions: 2.1.6 and probably prior Tested Version: 2.1.6 Vendor Notification: October 31, 2012 Vendor Patch: November 7, 2012 Public Disclosur...

dotProject 2.1.x - index.php Multiple SQL Injections

dotProject 2.1.x - index.php Multiple SQL Injections source: https://www.securityfocus.com/bid/56624/info Dotproject is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site scripting vulnerabilities Exploiting these vulnerabilities coul...

dotProject 2.1.x - index.php Multiple Cross-Site Scripting Vulnerabilities

dotProject 2.1.x - index.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/56624/info Dotproject is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site scripting vulnerabilities Exploiting thes...

dotProject 2.1.x - &#039;index.php&#039; Multiple SQL Injections

source: https://www.securityfocus.com/bid/56624/info Dotproject is prone to the following security vulnerabilities: 1. Multiple SQL-injection vulnerabilities 2. Multiple cross-site scripting vulnerabilities Exploiting these vulnerabilities could allow an attacker to steal cookie-based...

dotProject 2.1.6 Cross Site Scripting / SQL Injection

Advisory ID: HTB23124 Product: dotProject Vendor: dotproject.net Vulnerable Versions: 2.1.6 and probably prior Tested Version: 2.1.6 Vendor Notification: October 31, 2012 Vendor Patch: November 7, 2012 Public Disclosure: November 21, 2012 Vulnerability Type: SQL Injection CWE-89, Cross-Site...

dotProject 2.1.6 - Remote File Inclusion

:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-11-13 dotProject = 2.1.6 Remote File Inclusion Vulnerability Script: "PHP web-based project management framework that...

dotProject <= 2.1.6 Remote File Inclusion Vulnerability

Exploit for php platform in category web applications Discovered by dun \ posdubatgmail.com 2012-11-13 dotProject = 2.1.6 Remote File Inclusion Vulnerability Script: "PHP web-based project management framework that includes modules for companies, projects, tasks with Gantt charts, forums, files,...

Multiple vulnerabilities in dotProject

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in dotProject, which can be exploited to perform SQL injection and cross-site scripting XSS attacks. 1 SQL Injection in dotProject: CVE-2012-5701 High-Tech Bridge Security Research Lab has discovered multiple SQL injection...

DotProject 2.1.5 SQL Injection / Cross Site Scripting

DotProject version 2.1.5 suffers from cross site scripting and remote SQL injection vulnerabilities. Information -------------------- Name : XSS and SQL Injection Vulnerabilities in DotProject Software : DotProject 2.1.5 and possibly below. Vendor Homepage : http://www.dotproject.net Vulnerabilit...

dotProject '.php' Files Installation Path Disclosure Vulnerability

The host is running dotProject and is prone to path disclosure vulnerability. OpenVAS Vulnerability Test $Id: secpoddotprojectphpfileinstallpathdiscvuln.nasl 7052 2017-09-04 11:50:51Z teissa $ dotProject '.php' Files Installation Path Disclosure Vulnerability Authors: Madhuri D Copyright: Copyrig...

dotProject <= 2.1.4 Information Disclosure Vulnerability - Active Check

dotProject is prone to a path disclosure vulnerability. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you c...

CVE-2011-3729

dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by style/dp-grey-theme/footer.php and certain other files...

Information disclosure

dotproject 2.1.4 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by style/dp-grey-theme/footer.php and certain other files...