8828 matches found
vuln-summary.txt
Dear bugtraq, Below is a digest of vulnerabilities published by http://securityvulns.com/ and believed to be previously unpublished in English. All vulnerabilities were reported by MustLive http://websecurity.com.ua/. 1. AwesomeTemplateEngine Cross-site scripting Multiple cross-site scripting require...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. WordPress: local file include, directory traversal, files modification and information leak...
Arbitrary file edit, Local file include, Directory traversal and Full path disclosure in WordPress
Hello 3APA3A! I am reporting the Arbitrary file edit, Local file include, Directory traversal and Full path disclosure vulnerabilities I found in WordPress. The holes are in the file templates.php in the file and page parameters, and in the files edit-pages.php, categories.php, edit-comments.php, moderation.php, post.php and...
MODx 0.9.6.1 - AjaxSearch.php Local File Inclusion
MODx 0.9.6.1 - AjaxSearch.php Local File Inclusion source: https://www.securityfocus.com/bid/27097/info MODx is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to...
Local file include, Directory traversal and Full path disclosure in WordPress
Hello 3APA3A! I am reporting the Local file include, Directory traversal and Full path disclosure vulnerabilities I found in WordPress. The holes are in the files index.php, link-manager.php, link-add.php, link-categories.php, link-import.php, theme-editor.php, plugins.php, plugin-editor.php, profile.php,...
New Local file include, Directory traversal and Full path disclosure in WordPress
Hello 3APA3A! I am reporting the new Local file include, Directory traversal and Full path disclosure vulnerabilities I found in WordPress. The holes are in the files edit.php and admin.php, in the page parameter. Full path disclosure: http://site/wp-admin/edit.php?page= http://site/wp-admin/admin.php?page= These...
MatPo.de Kontakt Formular 1.4 - function.php Remote File Inclusion
MatPo.de Kontakt Formular 1.4 - function.php Remote File Inclusion source: https://www.securityfocus.com/bid/27075/info Kontakt Formular is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to...
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
PHP inclusions, SQL injections, directory traversals, cross-site scripting, information leaks, etc. WordPress: local file include, directory traversal and information leak...
openbiblio-multi.txt
Security Advisory - - OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities - ---------------------------------------------------- Product: OpenBiblio Version: Version 0.5.2 Prerelease 4 and prior is affected Url: http://obiblio.sourceforge.net/ Affected by: Full path disclosure, local file...
Local file include, Directory traversal and Full path disclosure in WordPress
Hello 3APA3A! I am reporting the Local file include, Directory traversal and Full path disclosure vulnerabilities I found in WordPress. The holes are in the files admin.php (import parameter) and themes.php (page parameter). Full path disclosure: http://site/wp-admin/admin.php?import=....wp-config...
CVE-2007-6584
Multiple directory traversal vulnerabilities in 1024 CMS 1.3.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) the lang parameter to pages/print/default/ops/news.php or (2) the themedir parameter to pages/download/default/ops/search.php; or the adminthemedi...
[Full-disclosure] OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities
Security Advisory - - OpenBiblio 0.5.2-pre4 and prior multiple vulnerabilities - ---------------------------------------------------- Product: OpenBiblio Version: Version 0.5.2 Prerelease 4 and prior is affected Url: http://obiblio.sourceforge.net/ Affected by: Full path disclosure, local file...
OpenBiblio 0.x - 'staff_del_confirm.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting, HTML-injection, and local file-include vulnerabilities...
OpenBiblio 0.x - staff_del_confirm.php Multiple Cross-Site Scripting Vulnerabilities
OpenBiblio 0.x - staff_del_confirm.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection,...
OpenBiblio 0.x - theme_del_confirm.php?name Cross-Site Scripting
OpenBiblio 0.x - theme_del_confirm.php?name Cross-Site Scripting source: https://www.securityfocus.com/bid/27053/info OpenBiblio is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include SQL-injection, cross-site scripting...
AuraCMS 2.2 (admin_users.php) Remote Add Administrator Exploit
Exploit for unknown platform in category web applications. AuraCMS 2.2 (admin_users.php) Remote Add Administrator Exploit #!/usr/bin/perl Indonesian Newhack Security Advisory...
Agares Media ThemeSiteScript 1.0 - loadadminpage Remote File Inclusion
Agares Media ThemeSiteScript 1.0 - loadadminpage Remote File Inclusion source: https://www.securityfocus.com/bid/26998/info ThemeSiteScript is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to...
nmn-rfi.txt
NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability
No description provided by source.
NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability
Exploit for unknown platform in category web applications. NmnNewsletter 1.0.7 (output) Remote File Inclusion Vulnerability...