phpLDAPadmin 0.9.60.9.7 - welcome.php Arbitrary File Inclusion

phpLDAPadmin 0.9.60.9.7 - welcome.php Arbitrary File Inclusion source: https://www.securityfocus.com/bid/14695/info phpldapadmin is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. phpldapadmin is...

phpAdsNew / phpPgAds < 2.0.6 Multiple Vulnerabilities

The remote host is running phpAdsNew / phpPgAds, an open source banner ad server. The version of phpAdsNews / phpPgAds installed on the remote host suffers from several flaws : - Remote PHP Code Injection Vulnerability The XML-RPC library bundled with the application allows an attacker to inject...

Autolinks 2.1 Pro - &#039;Al_initialize.php&#039; Remote File Inclusion

source: https://www.securityfocus.com/bid/14686/info AutoLinks Pro is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an...

PHPWebNotes 2.0 - Api.php Remote File Inclusion

PHPWebNotes 2.0 - Api.php Remote File Inclusion source: https://www.securityfocus.com/bid/14679/info phpWebNotes is prone to a remote file include vulnerability. hpWebNotes is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitiz...

W-Agora < 4.2.1 index.php site Parameter Traversal Arbitrary File Access

Binary data 3171.prm...

CVE-2005-2616

Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to 1 initialize.php, 2 customize.php, 3 form.php, or 4 index.php...

CVE-2005-2616

CVE-2005-2616 concerns ezUpload version 2.2 where multiple PHP files (initialize.php, customize.php, form.php, index.php) are vulnerable to improper handling of the path parameter used for including PHP code. The underlying issue enables remote attackers to cause arbitrary code execution by manip...

CVE-2005-2607

PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null "%00" characters...

CVE-2005-2607

PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null "%00" characters...

CVE-2003-1227

Technical details for CVE-2003-1227 are not provided in the supplied documents. Please monitor for updates from official advisories and vendor notices.

CVE-2003-1227

PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERYBASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue...

CVE-2004-2341

PHP file include injection vulnerability in isearch.inc.php for iSearch allows remote attackers to execute arbitrary code via the isearchpath parameter...

postnukeSQL0760rc3.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Non Critical SQL Injection and Include 0.760-RC3=x cXIb8O3.10 Author: cXIb8O3Maksymilian Arciemowicz Date: 2.4.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.760-RC3=X PostNuke is an open source, ope...

SysCP < 1.2.11 Multiple Script Command Execution Vulnerabilities

The remote host is running SysCP, an open source control panel written in PHP. The version of SysCP installed on the remote host uses user-supplied input to several variables in various scripts without sanitizing it. Provided PHP's 'registerglobals' setting is enabled, an attacker can exploit the...

SysCP 1.2.x - Multiple Script Execution Vulnerabilities

SysCP 1.2.x - Multiple Script Execution Vulnerabilities source: https://www.securityfocus.com/bid/14490/info SysCP is affected by multiple script execution vulnerabilities. The following specific vulnerabilities were identified: The application is affected by a remote file include vulnerability. ...

SysCP 1.2.x - Multiple Script Execution Vulnerabilities

source: https://www.securityfocus.com/bid/14490/info SysCP is affected by multiple script execution vulnerabilities. The following specific vulnerabilities were identified: The application is affected by a remote file include vulnerability. An attacker can include remote script code and execute i...

yappang231.txt

GulfTech Security Research May 11th, 2005 Vendor : Fritz Berger URL : http://sourceforge.net/projects/yappa-ng/ Version : yappa-ng 2.3.1 && Earlier Risk : Multiple Vulnerabilities Description: Yappa-NG is the second generation new and improved version of Yappa yet another php photo album. There a...

Simplicity oF Upload download.php language Parameter Local File Inclusion

The remote host is running Simplicity oF Upload, a free PHP script to manage file uploads. The version of Simplicity oF Upload installed on the remote host fails to sanitize user-supplied input to the 'language' parameter of the 'download.php' script. By leveraging this flaw, an attacker may be...

apa-include.txt

Atomic Photo Album APA apaphpinclude.inc.php remote file include : ------------------------------------------------------------ Name: Atomic Photo Album APA Version: all Homepage: http://atomicpa.sourceforge.net/ Author: pclabs / lwdz - RandomHero Date: 20 July 2005...

CVE-2005-2319

CVE-2005-2319 describes a PHP remote file include vulnerability in the Yawp library (version 1.0.6 and earlier) as used in YaWiki and potentially other products. The issue allows attackers to include arbitrary files via the parameter _Yawp[conf_path] . Affected software: Yawp library 1.0.6 and ol...