22 matches found
EUVD-2007-6200
Malware in sbrugna...
EUVD-2007-6201
Malware in sbrugna...
EUVD-2007-6202
Malware in sbrugna...
Monsta FTP 1.6.2 Cross Site Request Forgery / Cross Site Scripting
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/AS-MONSTAFTP-0911.txt Vendor: ================================ www.monstaftp.com Product: ================================ monstaftpv1.6.2 Monsta FTP is open source PHP/Ajax cloudware...
ftp admin 0.1.0 (lfi/xss/ab) Multiple Vulnerabilities
No description provided by source. FTP Admin v0.1.0 - MULTIPLE VULNERABILITIES by Omni 1 Infos --------- Date : 2007-11-28 Product : FTP Admin Version : v0.1.0 Vendor : http://sourceforge.net/projects/ftpadmin/ Vendor Status : 2007-11-30 Informed! Description : FTP admin is a web-based user...
Surge FTP Admin Web Module Directory Traversal
======================================================================================== | Title : SURGE FTP ADMIN WEB Module Version 2.0 Apache Tomcat v.5.5.26 Directory Traversal Vulnerability | Author : indoushka | email : [email protected] | Home : Souk Naamane - 04325 - Oum El Bouaghi -...
FTP Admin多个远程输入验证漏洞
BUGTRAQ ID: 26658 FTP Admin是结合vsFTPd、sudo、apache和PHP使用的用户管理工具。 FTP Admin的实现上存在多个输入验证漏洞,远程攻击者可能利用此漏洞获取非授权访问。 FTP Admin的index.php文件中没有正确地验证对page参数的输入,允许远程攻击者包含本地或外部FTP资源的任意文件。成功攻击要求有效的用户凭据。 index.php文件中没有正确地验证认证,远程攻击者无需拥有有效的用户凭据便可以通过将loggedin参数设置为true登录并添加新的FTP用户。成功攻击要求打开了registerglobals。...
Cross site scripting
Cross-site scripting XSS vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action...
CVE-2007-6234
index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain administrative access via a loggedin parameter with a value of true, as demonstrated by adding a user account...
CVE-2007-6233
Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an...
Directory traversal
Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an...
CVE-2007-6232
Cross-site scripting XSS vulnerability in index.php in FTP Admin 0.1.0 allows remote attackers to inject arbitrary web script or HTML via the error parameter in an error page action...
CVE-2007-6233
CVE-2007-6233 affects FTP Admin 0.1.0. The vulnerability is a directory traversal in index.php, where a .. in the page parameter can cause local file inclusion/execution. This could allow an authenticated remote user to include/execute arbitrary local files; in some environments, UNC share paths ...
CVE-2007-6232
CVE-2007-6232 describes a cross-site scripting (XSS) vulnerability in the FTP Admin 0.1.0 web interface. The issue is in the file index.php , where an attacker can inject arbitrary web script or HTML by supplying a crafted value to the error parameter of an error page action. This is a remote-exe...
CVE-2007-6234
CVE-2007-6234 : The vulnerability in FTP Admin 0.1.0 allows remote attackers to bypass authentication and gain administrative access by supplying a loggedin=true parameter, demonstrated by adding a user account. The issue affects the login/authentication check in index.php and has a high impact (...
CVE-2007-6233
Directory traversal vulnerability in index.php in FTP Admin 0.1.0 allows remote authenticated users to include and execute arbitrary local files via a .. dot dot in the page parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an...
CVE-2007-6234
index.php in FTP Admin 0.1.0 allows remote attackers to bypass authentication and obtain administrative access via a loggedin parameter with a value of true, as demonstrated by adding a user account...
FTP Admin 0.1.0 (LFI/XSS/AB) Multiple Remote Vulnerabilities
No description provided by source. FTP Admin v0.1.0 - MULTIPLE VULNERABILITIES by Omni 1 Infos --------- Date : 2007-11-28 Product : FTP Admin Version : v0.1.0 Vendor : http://sourceforge.net/projects/ftpadmin/ Vendor Status : 2007-11-30 Informed! Description : FTP admin is a web-based user...
ftpadmin-multi.txt
FTP Admin v0.1.0 - MULTIPLE VULNERABILITIES by Omni 1 Infos --------- Date : 2007-11-28 Product : FTP Admin Version : v0.1.0 Vendor : http://sourceforge.net/projects/ftpadmin/ Vendor Status : 2007-11-30 Informed! Description : FTP admin is a web-based user administration tool, for usage in...
ftp Admin 0.1.0 - Local File Inclusion Cross-Site Scripting Authentication Bypass
ftp Admin 0.1.0 - Local File Inclusion Cross-Site Scripting Authentication Bypass FTP Admin v0.1.0 - MULTIPLE VULNERABILITIES by Omni 1 Infos --------- Date : 2007-11-28 Product : FTP Admin Version : v0.1.0 Vendor : http://sourceforge.net/projects/ftpadmin/ Vendor Status : 2007-11-30 Informed!...