32 matches found
EUVD-2003-0965
Malware in sbrugna...
EUVD-2002-1010
Malware in sbrugna...
EUVD-2010-1110
Malware in sbrugna...
CVE-2009-2704
CA SiteMinder allows remote attackers to bypass cross-site scripting XSS protections for J2EE applications via a request containing a %00 encoded null byte...
GHSA-VJV5-GP2W-65VM Encoded URIs can access WEB-INF directory in Eclipse Jetty
Description URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5. Impact The default compliance mode allows requests with UR...
CVE-2002-2013
Mozilla 0.9.6 and earlier and Netscape 6.2 and earlier allows remote attackers to steal cookies from another domain via a link with a hex-encoded null character %00 followed by the target domain...
webgrind 1.0 (file param) Local File Inclusion Vulnerability
No description provided by source. webgrind 1.0 file param Local File Inclusion Vulnerability Vendor: Joakim Nygard and Jacob Oettinger Product web page: http://code.google.com/p/webgrind Affected version: 1.0 v1.02 in trunk on github Summary: Webgrind is an Xdebug profiling web frontend in PHP5...
iManager Plugin 1.2.8 (lang) - Local File Inclusion Vulnerability
No description provided by source. iManager Plugin v1.2.8 lang Local File Inclusion Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: = 1.2.8 Build 02012008 Summary: With iManager you can manage your files/images on your webserver, and it provide...
CVE-2013-5688
Multiple directory traversal vulnerabilities in index.php in AjaXplorer 5.0.2 and earlier allow remote authenticated users to read arbitrary files via a ../%00 dot dot backslash encoded null byte in the file parameter in a 1 download or 2 getcontent action, or 3 upload arbitrary files via a ../%0...
Multiple vulnerabilities in ImpressCMS
High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in ImpressCMS, which can be exploited to perform cross-site scripting and local file inclusion attacks. 1 Multiple Arbitrary XSS vulnerabilities in ImpressCMS: CVE-2012-0986 1.1 Input appended to the URL after...
Local file inclusion in VtigerCRM
Vulnerability ID: HTB23054 Reference: https://www.htbridge.ch/advisory/localfileinclusioninvtigercrm.html Product: VtigerCRM Vendor: vtiger.com http://www.vtiger.com Vulnerable Version: 5.2.1 and probably prior Tested Version: 5.2.1 Vendor Notification: 19 October 2011 Vulnerability Type: Local...
VtigerCRM 5.2.1 Local File Inclusion
Vulnerability ID: HTB23054 Reference: https://www.htbridge.ch/advisory/localfileinclusioninvtigercrm.html Product: VtigerCRM Vendor: vtiger.com http://www.vtiger.com Vulnerable Version: 5.2.1 and probably prior Tested Version: 5.2.1 Vendor Notification: 19 October 2011 Vulnerability Type: Local...
iBrowser Plugin 1.4.1 Local File Inclusion
iBrowser Plugin v1.4.1 lang Local File Inclusion Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: lang.'.php' ; 70: $this - charset = $langcharset; 71: $this - dir = $langdirection; 72: $this - langdata = $langdata; 73: unset $langdata ; 74:...
iBrowser Plugin v1.4.1 (lang) Local File Inclusion Vulnerability
Exploit for php platform in category web applications iBrowser Plugin v1.4.1 lang Local File Inclusion Vulnerability Vendor: net4visions.com Product web page: http://www.net4visions.com Affected version: lang.'.php' ; 70: $this - charset = $langcharset; 71: $this - dir = $langdirection; 72: $this...
Pacer Edition CMS 2.1 Local File Inclusion
Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pacer...
Pacer Edition CMS 2.1 - 'l' Local File Inclusion
Pacer Edition CMS 2.1 l param Local File Inclusion Vulnerability Vendor: The Pacer Edition Product web page: http://www.thepaceredition.com Affected version: RC 2.1 SVN: 867 Summary: The 'Pacer Edition' is a Content Management SystemCMS written using PHP 5.2.9 as a minimum requirement. The Pacer...
Zen Cart 1.3.9f Local File Inclusion
Zen Cart v1.3.9f typefilter Local File Inclusion Vulnerability Vendor: Zen Ventures, LLC Product web page: http://www.zen-cart.com Version affected: 1.3.9f Summary: Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for...
Zen Cart v1.3.9f (typefilter) Local File Inclusion Vulnerability
Summary Zen Cart is an online store management system. It is PHP-based, using a MySQL database and HTML components. Support is provided for numerous languages and currencies, and it is freely available under the GNU GPL. Description Zen Cart v1.3.9f suffers from a file inlcusion vulnerability LFI...
Sql injection
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes "%00" in the view parameter, which bypasses a protection mechanism...
CVE-2010-1078
SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attackers to execute arbitrary SQL commands via encoded null bytes "%00" in the view parameter, which bypasses a protection mechanism...