8787 matches found
CVE-2005-3936
PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the f parameter...
PHP Photo Album 0.2.3/4.1 - Local File Inclusion
source: https://www.securityfocus.com/bid/15651/info phpAlbum is prone to a local file-include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the webserver process. Note that this issue ma...
phpAlbum Local file include vuln.
Vuln. discovered by: r0t Date: 30 nov. 2005 original advisory: http://pridels.blogspot.com/2005/11/phpalbum-local-file-include-vuln.html Vendor: http://www.phpalbum.net/ affected version: v0.2.3 and prior Product Description: It is easy to install and run PHP Photo...
GuppY 4.5 - 'editorTypetool.php?meskin' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/15610/info GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web...
GuppY 4.5 - dbbatch.php?lng Traversal Arbitrary File Access
GuppY 4.5 - dbbatch.php?lng Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15610/info GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code that...
vTiger CRM 4.2 - SQL Injection
source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML...
vTiger CRM 4.2 - SQL Injection
source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML injection, cross-site scripting...
vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting
source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML injection, cross-site scripting...
CVE-2004-2541
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...
Mambo Open Source / Joomla! GLOBALS Variable Remote File Include
The version of Mambo Open Source or Joomla! running on the remote host is affected by a remote file include vulnerability due to allowing the GLOBALS variable array to be overwritten whenever the PHP 'register_globals' setting is disabled. An unauthenticated, remote attacker can exploit this...
XOOPS xoopsConfig[language] Parameter Local File Inclusion (XOOPS_WFd205_xpl)
The remote installation of XOOPS fails to sanitize user-supplied input to the 'xoopsConfig[language]' parameter of several xoopseditor scripts before using it in PHP 'include' functions. An unauthenticated attacker may be able to leverage these issues to read arbitrary local files and even execute...
CodeGrrl Applications Remote File Inclusion Vulnerabilities
The remote host appears to be running at least one of the PHP applications from CodeGrrl - PHPCalendar, PHPClique, PHPFanBase, or PHPQuotes. Under certain conditions, these applications fail to sanitize input to the 'siteurl' parameter of the 'protection.php' script before using it in a PHP...
PHPWCMS 1.2.5 -DEV - login.php?form_lang Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/15436/info phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issu...
PHPWCMS 1.2.5 -DEV - 'login.php?form_lang' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/15436/info phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain sensitive information that may help with further attacks on...
PHPWCMS 1.2.5 -DEV - imgdir Traversal Arbitrary File Access
PHPWCMS 1.2.5 -DEV - imgdir Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15436/info phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain...
iCMS Remote File Include Vulnerability
Author: r0t hackers.by.lv Date: 14. nov 2005 software: iCMS vendor: http://www.cogilent.com/ software description: iCMS is an interactive Web Content Management System. The purpose of this product is to facilitate organizations that require power solutions to...
PCCS-Mysql User/Password Exposure
It is possible to read the include file of PCCS-Mysql, dbconnect.inc on the remote server. This include file contains information such as the username and password used to connect to the database. OpenVAS Vulnerability Test $Id: pccsmysqladm.nasl 8023 2017-12-07 08:36:26Z teissa $ Description:...
BlackBoard Internet Newsboard System remote file include flaw
The remote version of BlackBoard Internet Newsboard System is vulnerable to a remote file include flaw due to a lack of sanitization of user-supplied data. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...