DreamBox DM800 - 'file' Local File Disclosure

source: https://www.securityfocus.com/bid/50520/info DreamBox DM800 is prone to a local file-disclosure vulnerability because it fails to adequately validate user-supplied input. Exploiting this vulnerability would allow an attacker to obtain potentially sensitive information from local files on...

WordPress Light Post Plugin 'abspath' Parameter Remote File Include Vulnerability

The Light Post WordPress Plugin is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

2Moons 1.4 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/50046/info 2Moons is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or execute arbitrary...

Jaws 0.8.14 - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/50022/info Jaws is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or execute arbitrary...

WordPress Plugin WP Bannerize 2.8.7 - 'ajax_sorter.php' SQL Injection

source: https://www.securityfocus.com/bid/49893/info The WP Bannerize plug-in for WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...

IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability

IBM WebSphere Application Server is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain actions in the context of an authorized user and gain access to the affected application; other attacks are also possible. IBM WebSphere...

WordPress Mailing List Plugin 'wpabspath' Parameter Remote File Include Vulnerability

The Mailing List plug-in for WordPress is prone to a remote file- include vulnerability because it fails to sufficiently sanitize user- supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system. Other attacks are also possible. Mailing...

WordPress <= 0.1 Filedownload Plugin Local File Disclosure Vulnerability

The Filedownload plugin for WordPress is prone to a local file- disclosure vulnerability because it fails to adequately validate user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respectiv...

OpenSSH Ciphersuite Specification Information Disclosure Weakness

OpenSSH is prone to a security weakness that may allow attackers to downgrade the ciphersuite. Successfully exploiting this issue in conjunction with other latent vulnerabilities may allow attackers to gain access to sensitive information that may aid in further attacks. Releases prior to OpenSSH...

In-link 2.3.45.1.3 RC1 - cat SQL Injection

In-link 2.3.45.1.3 RC1 - cat SQL Injection source: https://www.securityfocus.com/bid/49508/info In-link is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to...

Blue Coat Reporter Directory Traversal Vulnerability

Blue Coat Reporter is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Bugzilla Multiple Security Vulnerabilities

Bugzilla is prone to the following vulnerabilities: 1. A security bypass vulnerability. 2. An email header-injection vulnerability. 3. Multiple information disclosure vulnerabilities. 4. Multiple cross-site scripting vulnerabilities. Successfully exploiting these issues may allow an attacker to...

MantisBT Cross Site Scripting and SQL Injection Vulnerabilities

MantisBT is prone to an SQL-injection vulnerability and a cross-site scripting vulnerability. Exploiting these issues could allow an attacker to steal cookie- based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying...

Lasernet CMS 'id' Parameter SQL Injection Vulnerability

Lasernet CMS is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the...

Lasernet CMS <= 1.5 SQLi Vulnerability - Active Check

Lasernet CMS is prone to an SQL injection SQLi vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Joomla Component mod_spo SQL Injection Vulnerability

No description provided by source. Exploit Title: Simple Page Option LFI Google Dork: inurl:modspo Date: 15/07/2011 Author: SeguridadBlanca.Blogspot.com or SeguridadBlanca Software Link: http://joomlacode.org/gf/download/frsrelease/11841/47776/modspo1.5.16.zip Version: 1.5.x Tested on: Backtrack...

Joomla Simple Page Option Local File Inclusion

Simple Page Option – LFI Vulnerable-Code: $slang =& JRequest::getVar'spositelang'; fileexistsdirnameFILE.DS.'languages'.DS.$slang.'.php' ? includedirnameFILE.DS.'languages'.DS.$slang.'.php' : includedirnameFILE.DS.'languages'.DS.'english.php'; Vulnerable-Var: spositelang= Expl0iting:...

CygniCon CyViewer - ActiveX Control &#039;SaveData()&#039; Insecure Method

source: https://www.securityfocus.com/bid/48483/info CygniCon CyViewer ActiveX control is prone to a vulnerability caused by an insecure method. Successfully exploiting this issue will allow attackers to create or overwrite files within the context of the affected application typically Internet...

Joomla! Component com_morfeoshow - idm SQL Injection

Joomla! Component commorfeoshow - idm SQL Injection source: https://www.securityfocus.com/bid/48452/info The 'commorfeoshow' component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting th...

Oracle HTTP Server Header Cross Site Scripting

--------------------------------------------------------------------------------------------------------- Oracle HTTP Server XSS Header Injection --------------------------------------------------------------------------------------------------------- Attack Pattern ID : CAPEC-86 CWE ID : CI-79...