Omnistar Document Manager 8.0 LFI / XSS / SQL Injection

Title: ====== Omnistar Document Manager v8.0 - Multiple Vulnerabilities Date: ===== 2012-10-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=712 VL-ID: ===== 712 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

Omnistar Document Manager 8.0 - Multiple Vulnerabilities

Title: ====== Omnistar Document Manager v8.0 - Multiple Vulnerabilities Date: ===== 2012-10-03 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=712 VL-ID: ===== 712 Common Vulnerability Scoring System: ==================================== 8.3 Introduction: =============...

CVE-2009-5067

Directory traversal vulnerability in html2ps before 1.0b6 allows remote attackers to read arbitrary files via a .. dot dot in the "include file" SSI directive. NOTE: this issue only might be a vulnerability in limited scenarios, such as if html2ps is invoked by a web application, or if a...

PT-2012-1276 · Html2Ps · Html2Ps

Name of the Vulnerable Software and Affected Versions: html2ps versions prior to 1.0b6 Description: The issue allows remote attackers to read arbitrary files via a .. dot dot in the include file SSI directive. This might be a problem in limited scenarios, such as if html2ps is invoked by a web...

TECNO DYNAMICS - Sql injection / Local File Include Vulnerabilities

Exploit for php platform in category web applications Exploit Title: TECNO DYNAMICS - SQL INJECTION & LFI Date: 08/10/2012 Author: k2ll33d Vendor : http://www.tecnoglobal.com/ Version: N/A Category: webapps Google dork: "inurl:templatehome.php4 intext:Todos los Derechos Reservados" vuln: SQLI...

Open Realty - 'select_users_lang' Local File Inclusion

source: https://www.securityfocus.com/bid/55834/info Open Realty is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts i...

Open Realty - select_users_lang Local File Inclusion

Open Realty - selectuserslang Local File Inclusion source: https://www.securityfocus.com/bid/55834/info Open Realty is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive...

phpMyChat Plus 1.94 RC1 LFI / XSS / RFI / SQL Injection

Exploit Title: phpMyChat Plus v1.94 RC1 Multiple Remote Vulnerabilities Date: 04/10/2012 Author: L0n3ly-H34rT Contact: [email protected] My Site: http://se3c.blogspot.com/ Vendor Link: http://sourceforge.net/projects/phpmychat/ Software Link:...

Omnistar Document Manager v8.0 - Multiple Vulnerabilities

Document Title: =============== Omnistar Document Manager v8.0 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=712 Release Date: ============= 2012-10-02 Vulnerability Laboratory ID VL-ID: ==================================== 7...

Omnistar Document Manager v8.0 - Multiple Vulnerabilities

Document Title: =============== Omnistar Document Manager v8.0 - Multiple Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=712 Release Date: ============= 2012-10-02 Vulnerability Laboratory ID VL-ID: ==================================== 7...

php execution vulnerability parsing-vulnerability warning-the black bar safety net

A code to perform the function In PHP you can execute the Code of the function. Such as eval , assert , the“and system and exec and shellexec and passthru and escapeshellcmd and pcntlexec , etc. demo code 1.1: ? php echo dir; ?& gt; The second file contains the code injection The file containing...

php file include vulnerability solution-exploits warning-the black bar safety net

Now the program code is written more and more strange, it is a file that contains the code you can write 2 ways: require the include Be the first to say require if error then terminate the output and include if error then continue execution. If a website Management User write in auth. php, and...

Wiki Web Help <= 0.3.11 RFI Vulnerability - Active Check

Wiki Web Help is prone to a remote file include RFI vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in Newscoop 3.5.x before 3.5.5 and 4 before RC4, when registerglobals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALSgcampsiteDir parameter to 1 include/phorumload.php, 2 conf/installconf.php, or 3...

PHP Web Scripts Text Exchange Pro - &#039;page&#039; Local File Inclusion

source: https://www.securityfocus.com/bid/55205/info PHP Web Scripts Text Exchange Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of...

PHP Web Scripts Text Exchange Pro - page Local File Inclusion

PHP Web Scripts Text Exchange Pro - page Local File Inclusion source: https://www.securityfocus.com/bid/55205/info PHP Web Scripts Text Exchange Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this...

WeBid Remote File Include and SQLi Vulnerabilities

WeBid to a remote file-include issue and an SQL injection SQLi issue. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Elastix 'graph.php' Local File Include Vulnerability

Elastix is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Vtiger CRM LFI Vulnerability (Aug 2012) - Active Check

Vtiger CRM is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Elastix 2.2.0 - graph.php Local File Inclusion

Elastix 2.2.0 - graph.php Local File Inclusion source: https://www.securityfocus.com/bid/55078/info Elastix is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts ...