EUVD-2007-4076

Malware in sbrugna...

EUVD-2006-3003

Malware in sbrugna...

iFoto 1.0 Index.PHP Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25065/info iFoto is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. A remote attacker can exploit this issue to view the directory structure of the affected computer...

iFoto 0.20 Index.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/18391/info iFoto is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script...

ifoto-disclose.txt

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- iFoto, CSS-based GD2 photo gallery eNYe-Sec - www.enye-sec.org -- Description by the author's page -- This is yet another Web-based PHP photo gallery called, iFoto. iFoto use 90% CSS-based layout and can be customize ...

iFoto, CSS-based GD2 photo gallery <= 1.0: Remote File Disclosure Vulnerability

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- iFoto, CSS-based GD2 photo gallery = 1.0: Remote File Disclosure Vulnerability -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- $ Program: iFoto, CSS-based GD2 photo gallery $ File...

Directory traversal

Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. dot dot in the dir parameter...

CVE-2007-4092

Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. dot dot in the dir parameter...

CVE-2007-4092

Directory traversal vulnerability in index.php in iFoto 1.0.1 and earlier allows remote attackers to list arbitrary directories, and possibly download arbitrary photos, via a .. dot dot in the dir parameter...

CVE-2007-4092

CVE-2007-4092 affects iFoto 1.0.1 and earlier. A directory traversal vulnerability exists in index.php where the dir parameter can be manipulated with .. to list arbitrary directories and, possibly, download arbitrary photos. This is the core impact described across multiple sources (NVD, CVE lis...

ifoto-traversal.txt

ifoto traversal folder enumeration Vendor url:http://ifoto.ireans.com/ Advisore:http://lostmon.blogspot.com/2007/07/ ifoto-traversal-folder-enumeration.html vendor notify:no exploit include:yes ifoto contains a flaw that allows a remote traversal arbitrary folder enumeration.This flaw exists...

iFoto 1.0 - index.php Directory Traversal

iFoto 1.0 - index.php Directory Traversal source: https://www.securityfocus.com/bid/25065/info iFoto is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. A remote attacker can exploit this issue to view the directory structure of the affected...

iFoto 1.0 - 'index.php' Directory Traversal

source: https://www.securityfocus.com/bid/25065/info iFoto is prone to a directory-traversal vulnerability because it fails to properly sanitize user-supplied input. A remote attacker can exploit this issue to view the directory structure of the affected computer within the context of the...

CVE-2006-3006

Cross-site scripting XSS vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter...

CVE-2006-3006

Cross-site scripting XSS vulnerability in iFoto 0.20, and possibly other versions before 0.50, allows remote attackers to inject arbitrary HTML or web script via a base64-encoded file parameter...

CVE-2006-3006

The CVE-2006-3006 entry describes a Cross-site scripting (XSS) vulnerability in iFoto 0.20 and possibly earlier versions before 0.50, exploitable via a base64-encoded file parameter that allows remote injection of HTML or web script. Affected component is the web application’s handling of the bas...

iFoto 0.20 - index.php Cross-Site Scripting

iFoto 0.20 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/18391/info iFoto is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrar...

iFoto 0.20 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/18391/info iFoto is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...