AnyInventory <= 2.0 (environment.php) Remote File Inclusion Vuln

No description provided by source. AnyInventory = 2.0 Remote file inclusion Download script : http://physics.ramapo.edu/downloads/anyInventory-1.9.1.tar.gz Exploit : http://victime.com/anyInventorypath/environment.php?DIRPREFIX= shell.txt? Dork : anyInventory, the most flexible and powerful...

CVE-2011-0508

Cross-site scripting XSS vulnerability in system/modules/comments/Comments.php in Contao CMS 2.9.2, and possibly other versions before 2.9.3, allows remote attackers to inject arbitrary web script or HTML via the HTTP XFORWARDEDFOR header, which is stored by system/libraries/Environment.php but n...

Cross site scripting

Cross-site scripting XSS vulnerability in system/modules/comments/Comments.php in Contao CMS 2.9.2, and possibly other versions before 2.9.3, allows remote attackers to inject arbitrary web script or HTML via the HTTP XFORWARDEDFOR header, which is stored by system/libraries/Environment.php but n...

CVE-2011-0508

Cross-site scripting XSS vulnerability in system/modules/comments/Comments.php in Contao CMS 2.9.2, and possibly other versions before 2.9.3, allows remote attackers to inject arbitrary web script or HTML via the HTTP XFORWARDEDFOR header, which is stored by system/libraries/Environment.php but n...

AnyInventory 2.0 - &#039;Environment.php&#039; Remote File Inclusion

AnyInventory = 2.0 Remote file inclusion Download script : http://physics.ramapo.edu/downloads/anyInventory-1.9.1.tar.gz Exploit : http://victime.com/anyInventorypath/environment.php?DIRPREFIX= shell.txt? Dork : anyInventory, the most flexible and powerful web-based inventory system Discovered by...

AnyInventory <= 2.0 (environment.php) Remote File Inclusion Vuln

Exploit for unknown platform in category web applications ================================================================ AnyInventory 2.0 Remote file inclusion Download script : http://physics.ramapo.edu/downloads/anyInventory-1.9.1.tar.gz Exploit :...

AnyInventory 2.0 - Environment.php Remote File Inclusion

AnyInventory 2.0 - Environment.php Remote File Inclusion AnyInventory = 2.0 Remote file inclusion Download script : http://physics.ramapo.edu/downloads/anyInventory-1.9.1.tar.gz Exploit : http://victime.com/anyInventorypath/environment.php?DIRPREFIX= shell.txt? Dork : anyInventory, the most...

Design/Logic Flaw

Eval injection vulnerability in environment.php in Olate Download od 3.4.1 allows context-dependent attackers to execute arbitrary code via a crafted version string, as referenced by the 1 PDO::ATTRSERVERVERSION or 2 PDO::ATTRCLIENTVERSION attribute...

CVE-2007-4454

Eval injection vulnerability in environment.php in Olate Download od 3.4.1 allows context-dependent attackers to execute arbitrary code via a crafted version string, as referenced by the 1 PDO::ATTRSERVERVERSION or 2 PDO::ATTRCLIENTVERSION attribute...

Olate Download 3.4.1~environment.php.php~Code Execution

VISITE ORIGINAL ADVISORY FOR MORE DETAILES http://myimei.com/security/2007-08-17/olate-download-341-environmentphpphp-code-execution.html VISITE ORIGINAL ADVISORY FOR MORE DETAILES ——————-Summary—————- Software: Olate Download Sowtware's Web Site: http://www.olate.co.uk/ Versions: 3.4.1 Class:...

CVE-2006-2443

The Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, which allows local users to obtain sensitive information such as the username and password for the KnowledgeTree database...

CVE-2006-2443

The Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, which allows local users to obtain sensitive information such as the username and password for the KnowledgeTree database...

CVE-2006-2443

The CVE-2006-2443 entry documents a vulnerability in the Debian package of Knowledgetree 2.0.7 where environment.php is created with world-readable permissions. This permissive configuration allows local users to read sensitive information, including the KnowledgeTree database username and passwo...