22 matches found
EUVD-2002-1846
Malware in sbrugna...
EUVD-2002-1780
Malware in sbrugna...
EUVD-2002-1318
Malware in sbrugna...
CVE-2002-1801
ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message...
BizDesign ImageFolio 2.x/3.0.1 nph-build.cgi XSS
No description provided by source. source: http://www.securityfocus.com/bid/6265/info Reportedly, ImageFolio is prone to cross site scripting attacks due to insufficient sanitization of user-supplied input. The vulnerability exists in various cgi scripts included with ImageFolio. As a result, it ...
ImageFolio 2.2x/3.0/3.1 Admin.CGI Directory Traversal Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7828/info ImageFolio 'admin.cgi' has been reported prone to a directory traversal vulnerability. By supplying directory traversal sequences, as a URI parameter, to the 'admin.cgi' script an attacker may break out of the w...
BizDesign ImageFolio 2.x/3.0.1 imageFolio.cgi direct Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/6265/info Reportedly, ImageFolio is prone to cross site scripting attacks due to insufficient sanitization of user-supplied input. The vulnerability exists in various cgi scripts included with ImageFolio. As a result, it ...
CVE-2002-1867
The CVE-2002-1867 entry concerns BizDesign ImageFolio versions 2.23–2.26 where default configuration fails to restrict access to admin/setup.cgi and admin/nph-build.cgi. This allows remote attackers to (1) create an administrative account and (2) trigger a denial of service (CPU consumption). The...
CVE-2002-1801
Vulnerability summary (CVE-2002-1801) ImageFolio versions 2.23 through 2.27 allow remote attackers to obtain sensitive information by querying a nonexistent image category, causing an error message that leaks the web root. This is the explicit impact described across multiple sources (NVD/Red Hat...
CVE-2002-1801
ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message...
imageFolio.cgi Multiple Vulnerabilities
Binary data 1668.prm...
ImageFolio All Versions : admin.cgi Directory transversal and file delete exploit.
/---------------------------- Pimp industries. -----------------------------/ ImageFolio All Versions : admin.cgi Directory transversal and file delete exploit. Company: www.imagefolio.com Background ------------- ImageFolio is a multi-platform, server-based, software...
ImageFolio Default Password
The remote host is running the ImageFolio image gallery manager. This CGI is installed with a default administrator username and password Admin/ImageFolio that has not been modifed. An attacker could exploit this flaw to administrate this installation. In addition to this, the CGI admin.cgi has a...
CVE-2002-1801
ImageFolio 2.23 through 2.27 allows remote attackers to obtain sensitive information via a nonexistent image category, which leaks the web root in the resulting error message...
CVE-2002-1867
The default configuration of BizDesign ImageFolio 2.23 through 2.26 does not control access to 1 admin/setup.cgi, which allows remote attackers to create an administrative account, or 2 admin/nph-build.cgi, which allows remote attackers to cause a denial of service CPU consumption...
CVE-2002-1334
Cross-site scripting XSS vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via 1 the direct parameter in imageFolio.cgi, or 2 nph-build.cgi...
CVE-2002-1334
Technical details about CVE-2002-1334 are not publicly available in the provided documents. No vendor, product version, vulnerable component, or remediation is specified here. Monitor for updates in the connected sources.
CVE-2002-1334
Cross-site scripting XSS vulnerability in BizDesign ImageFolio 3.01 and earlier allows remote attackers to execute arbitrary web script as other users via 1 the direct parameter in imageFolio.cgi, or 2 nph-build.cgi...
Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software
Alert URL http://www.securitytracker.com/alerts/2002/Nov/1005681.html Date November 27, 2002 Title Cross-site Scripting Vulnerability in ImageFolio Image Gallery Software Vendor BizDesign Product ImageFolio URL http://www.imagefolio.com/ Description An input validation vulnerability exists in...
BizDesign ImageFolio 2.x/3.0.1 - 'imageFolio.cgi?direct' Cross-Site Scripting
source: https://www.securityfocus.com/bid/6265/info Reportedly, ImageFolio is prone to cross site scripting attacks due to insufficient sanitization of user-supplied input. The vulnerability exists in various cgi scripts included with ImageFolio. As a result, it is possible for a remote attacker ...