24 matches found
CVE-2007-1906
CVE-2007-1906 affects eCardMAX HotEditor (Hot Editor) 4.0 and the HotEditor plugin for MyBB. The vulnerability is a directory traversal that allows remote attackers to include and execute arbitrary local files by supplying a .. sequence in the first parameter of richedit/keyboard.php. Impact desc...
eCardMAX HotEditor 4.0 - 'Keyboard.php' Local File Inclusion
source: https://www.securityfocus.com/bid/23377/info eCardMAX HotEditor is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. HotEditor 4.0 is...
eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion
eCardMAX HotEditor 4.0 - Keyboard.php Local File Inclusion source: https://www.securityfocus.com/bid/23377/info eCardMAX HotEditor is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view...
Re[2]: новые уязвимости
Здравствуйте, 3APA3A. свежая порция: Software: eCardMAX Standard&Gold Vendor: eCardMAX www.ecardmax.com Vulnerability: межсайтовый скриптинг Risk: низкий Date: 30.12.2005 discovered by durito -duritoatmaildotru- HTTP: all-about-all.net durito.narod.ru +:| Details |: Межсайтовый скриптинг:...