LetterIt 2.0 - (inc/session.php) Remote File Include Vulnerability

漏洞软件：LetterIt 2.0 软件下载：http://sourceforge.net/projects/letterit.berlios/ 漏洞类型：RFI 远程文件包含漏洞 软件介绍： LetterIt 2.0 是一个基于WEB页面的邮件列表管理器，安装简单并且支持多国语言。它可以通过PHP Mail，sendmail，qmail，SMTP 或者pickup mode（Windows下）等多种方式发送HTML 或者 Text文本消息以及附件到指定邮件列表。 漏洞分析： 这个远程文件包含漏洞出现在LetterIt 2.0的 “inc/session.php” 文件中。 漏洞代码：...

Downstat <= 1.8 (art) Remote File Include Vulnerability

No description provided by source. DESCRIPTION: Remote file include vuln found by sZ sept, 8 2006. SOFTWARE: downstat 1.8 VENDOR URL: http://vmist.net/index.php?script=Downstat DORKs: Login To Downstat 1.8 allinurl:/downstat/ NOTES: greetz to: neo-vortex, sk0tie, icez. visit @ irc.bluehell.org...

Hitweb 3.0 REP_CLASS Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/20060/info Hitweb is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file containing...

Knusperleicht Quickie Quick_Path Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19271/info Quickie is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote files containing malicious PHP...

DMCounter 0.9.2 -b Kopf.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17756/info DMCounter is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...

Pagesetter 6.2/6.3.0 index.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22733/info Pagesetter is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...

gtcatalog <= 0.9.1 (index.php) Remote File Include Vulnerability

No description provided by source. ============================================================================================= Shopping Catalog RFI ============================================================================================= Info:- Scripts: ShoppingCatalog download :...

PHP-post Web Forum 0.x.1.0 profile.php Multiple Parameter SQL Injection

No description provided by source. source: http://www.securityfocus.com/bid/20061/info PHP-Post is prone to multiple input-validation vulnerabilities, including multiple cross-site scripting, SQL-injection, and remote file-include issues, because the application fails to sanitize user-supplied...

Comment IT 0.2 PathToComment Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20739/info Comment IT is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...

Magic Photo Storage Website admin/add_templates.php _config[site_path] Parameter Remote File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/21965/info Magic Photo Storage Website is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the...

PHPWebNotes 2.0 Api.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14679/info phpWebNotes is prone to a remote file include vulnerability. hpWebNotes is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplie...

Vitrax Pre-modded <= 1.0.6-r3 Remote File Include Vulnerability

No description provided by source. credits: CeNGiZ-HaN contact: [email protected] team: www.system-defacers.org risk: High script: vitrax premodded phpbb script site: www.vitrax.org Exploit: http://target/path/includes/functionsportal.php?phpbbrootpath=phpshell.txt? GreeTz No One =...

Blog System 1.x Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/39406/info Blog System is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include local file-include, SQL-injection, and...

XOOPS 2.3.1 - Multiple Local File Inclusion Vulnerabilities

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-040 Application: XOOPS Versions Affected: 2.3.1 Vendor URL: http://www.xoops.org/ Bug: Multiple Local File Include Exploits: YES Reported: 10.11.2008 Vendor response: 10.11.2008 Solution: YES Date of Publ...

pc_cookbook Mambo Component <= 0.3 Include Vulnerability

No description provided by source. --------------------------------------------------------------------------------- pccookbook Joomla Component = v0.3 Remote File Include Vulnerabilities --------------------------------------------------------------------------------- Author : Matdhule Contact :...

Pulsewiki And Pawfaliki 0.5.1 Index.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/25575/info Pulsewiki and Pawfaliki are prone to a local file-include vulnerability because the software fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view file...

Chupix CMS Contact Module 0.1 'index.php' Multiple Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/30564/info The Contact module for Chupix CMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues using directory-traversa...

Indexu 5.0.1 - Multiple Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/18477/info Indexu is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include...

phpManta <= 1.0.2 (view-sourcecode.php) Local File Include Exploit

No description provided by source. !/usr/bin/perl Script Name: phpManta - Mdoc = 1.0.2 view-sourcecode.php Local File Include Exploit Coded by : ajann Author : ajann Contact : : use IO::Socket; use LWP::Simple; @apache= ../../../../../var/log/httpd/accesslog, ../../../../../var/log/httpd/errorlog...

PHPTreeView 1.0 TreeViewClass.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20764/info PHPTreeview is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the...