32 matches found
Code injection
vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code...
CVE-2003-0863
The phpchecksafemodeincludedir function in fopenwrappers.c of PHP 4.3.x returns a success value 0 when the safemodeincludedir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP...
Tagit! Tagit2b 2.1.B Build 2 tagmin/verify.php configpath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/22518/info TagIt! TagBoard is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application...
Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities
Document Title: =============== Song Exporter v2.1.1 RS iOS - File Include Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1172 Release Date: ============= 2013-12-18 Vulnerability Laboratory ID VL-ID: ====================================...
Webify Product Series - Multiple Web Vulnerabilities
Title: ====== Webify Product Series - Multiple Web Vulnerabilities Date: ===== 2012-06-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=598 VL-ID: ===== 598 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Webif...
Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities
Document Title: =============== Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=428 Release Date: ============= 2012-02-06 Vulnerability Laboratory ID VL-ID: ==================================== 42...
PlaySMS 'apps_path[themes]' Parameter Multiple Remote File Include Vulnerabilities
PlaySMS is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Ignition Multiple Local File Include and Remote Code Execution Vulnerabilities
Ignition is prone to multiple local file-include vulnerabilities and a remote code execution vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts an...
Pandora FMS <= 3.1 Multiple Input Validation Vulnerabilities - Active Check
Pandora FMS is prone to an authentication bypass vulnerability as well as the following input-validation vulnerabilities: - A commandinjection vulnerability - Multiple SQL injection SQLi vulnerabilities - A remote file include RFI vulnerability - An arbitrary PHP code execution vulnerability -...
Online Grades Multiple <= 3.2.5 LFi Vulnerabilities
Online Grades is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker with admin access can exploit these vulnerabilities to obtain potentially sensitive nformation and to execute arbitrary local scripts in the context of the...
Online Grades Multiple Local File Include Vulnerabilities
Online Grades is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker with admin access can exploit these vulnerabilities to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the...
Collaborative Passwords Manager (cPassMan) Multiple Local File Include Vulnerabilities
cPassMan is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Snipe Gallery 'cfg_admin_path' Multiple Remote File Include Vulnerabilities
The host is running Snipe Gallery and is prone to multiple remote file include vulnerabilities. OpenVAS Vulnerability Test $Id: gbsnipegalleryremotefileincludevuln.nasl 5373 2017-02-20 16:27:48Z teissa $ Snipe Gallery 'cfgadminpath' Multiple Remote File Include Vulnerabilities Authors: Sooraj KS...
Joomla! Component Percha Gallery 1.6 Beta - 'Controller' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/40244/info Multiple Percha components for Joomla are prone to multiple local file-include vulnerabilities because they fail to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information...
Quick Classifieds 1.0 - controlcenterupdate.php3?DOCUMENT_ROOT Remote File Inclusion
Quick Classifieds 1.0 - controlcenterupdate.php3?DOCUMENTROOT Remote File Inclusion source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
How hackers exploit file include vulnerabilities website intrusion-vulnerability warning-the black bar safety net
One, see vulnerability announcement Recent want to learn what the files contain vulnerability, inadvertently saw on the file that contains the vulnerability announcement. Roughly meaning is such, PhpwCMS 1.2.6 system The following files exist in the file containing the vulnerability:...
Systeme de vote pour site Web 1.0 - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/25335/info 'Systeme de vote pour site Web' is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow an attacker to compromise the application and the underlyi...
Magic Photo Storage Website - '/admin/index.php?_config[site_path]' Remote File Inclusion
source: https://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying...
phpProfiles 2.1 Beta Multiple Remote File Include Vulnerabilities
Exploit for unknown platform in category web applications ================================================================= phpProfiles 2.1 Beta Multiple Remote File Include Vulnerabilities =================================================================...
phpShop Core <= 0.9.0 RC1 (PS_BASE) File Include Vulnerabilities
Exploit for unknown platform in category web applications ================================================================ phpShop Core ====================================================== Exploit :...