[DSECRG-08-020] RFI-LFI in PowerClan 1.14a

DSECRG-08-020 Digital Security Research Group DSecRG Advisory Application: PowerClan Versions Affected: 1.14a Vendor URL: http://www.powerscripts.org/ Bug: Remote/Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory: ..2008 Author:...

Quick Classifieds 1.0 - 'controlcenter/manager.php3?DOCUMENT_ROOT' Remote File Inclusion

source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Quick Classifieds 1.0 - 'controlpannel/createHomepage.php3?DOCUMENT_ROOT' Remote File Inclusion

source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Quick Classifieds 1.0 - controlpannelsetUp.php3?DOCUMENT_ROOT Remote File Inclusion

Quick Classifieds 1.0 - controlpannelsetUp.php3?DOCUMENTROOT Remote File Inclusion source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

Quick Classifieds 1.0 - styledefault.scheme.inc?DOCUMENT_ROOT Remote File Inclusion

Quick Classifieds 1.0 - styledefault.scheme.inc?DOCUMENTROOT Remote File Inclusion source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

PowerBook 1.21 (index.php page) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== PowerBook 1.21 index.php page Local File Inclusion Vulnerability ================================================================== DSECRG-08-019 Digital Security Research...

Quick Classifieds 1.0 - 'controlpannel/index.php3?DOCUMENT_ROOT' Remote File Inclusion

source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Immunity Canvas: PHPAUCTION_INCLUDE

Name| phpauctioninclude ---|--- CVE| CVE-2008-1416 Exploit Pack| CANVAS Description| PHPauction GPL 2.51 Remote File include Notes| CVE Name: CVE-2008-1416 VENDOR: phpauction.net Repeatability: Infinite References: http://securityreason.com/exploitalert/3558 CVE Url:...

Elastic Path 4.1 - '/manager/getImportFileRedirect.jsp?file' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-upload vulnerability. - A...

W-Agora 4.0 - delete_user.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - deleteuser.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

W-Agora 4.0 - reorder_forums.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - reorderforums.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

W-Agora 4.0 - 'reorder_forums.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

W-Agora 4.0 - 'add_user.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

W-Agora 4.0 - 'moderate_notes.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

W-Agora 4.0 - 'create_forum.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

W-Agora 4.0 - edit_forum.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - editforum.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

Elastic Path 4.1 - '/manager/FileManager.jsp?dir' Traversal Arbitrary Directory Listing

source: https://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-upload vulnerability. - A...

W-Agora 4.0 - delete_notes.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - deletenotes.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

ShopEx PHP remote include vulnerability-vulnerability warning-the black bar safety net

Article author: lonely hacker Source of information: Affects versions: 4.7 and below verifycode.php ? php / Login verification code generating file @package ShopEx online store system @version 4.6 @author ShopEx. cn [email protected] @url @since PHP 4.3 @copyright ShopEx. cn / if ! defined"ISSHOP...

phpauction-rfi.txt

Name : PHPauction GPL 2.51 Multiple Remote File Include Vulnerabilities Download From : http://www.johnrayfield.com/phpauction/phpauction-gpl-enhanced-251.zip Found By : RoMaNcYxHaCkEr RoMaNTiC-TeaM BlackxHat , BlackBox , alwheed Home Page : WwW.4RxH.CoM...