8850 matches found
Elastix 2.2.0 - 'graph.php' Local File Inclusion
source: https://www.securityfocus.com/bid/55078/info Elastix is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This...
Cyclope Employee Surveillance Solution 6.0 LFI / SQL Injection
Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employee monitoring software developed by...
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download:...
Cyclope Employee Surveillance Solution 6.0 6.1.0 6.2.0 - Multiple Vulnerabilities
Author: loneferret of Offensive Security Product: Cyclope Employee Surveillance Solution v6.0 Version: 6.1.0 & 6.2.0 Vendor Site: http://www.cyclope-series.com/ Software Download: http://www.cyclope-series.com/download/index.html Software description: The employee monitoring software developed by...
ProQuiz 2.0.2 LFI / RFI / XSS / SQL Injection
Exploit Title: ProQuiz v2.0.2 - Multiple Vulnerabilities Date: 18/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.blogspot.com/ Contact: [email protected] Vendor Homepage: http://proquiz.softon.org/ Software Link: http://code.google.com/p/proquiz/downloads/list Tested on: Linux/Windows 1-...
XXE Injection in CakePHP and Squiz CMS
Hello! I'll give you additional information concerning advisories CakePHP 2.x-2.2.0-RC2 XXE Injection http://securityvulns.ru/docs28331.html and Squiz CMS Multiple Vulnerabilities http://securityvulns.ru/docs28220.html. It's about XXE Injection in CakePHP and Squiz CMS. Similarly to earlier...
ProQuiz v2.0.2 Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: ProQuiz v2.0.2 - Multiple Vulnerabilities Date: 18/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.blogspot.com/ Contact: email protected Vendor Homepage: http://proquiz.softon.org/ Software Link:...
ProQuiz 2.0.2 - Multiple Vulnerabilities
ProQuiz 2.0.2 - Multiple Vulnerabilities Exploit Title: ProQuiz v2.0.2 - Multiple Vulnerabilities Date: 18/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.blogspot.com/ Contact: [email protected] Vendor Homepage: http://proquiz.softon.org/ Software Link:...
ProQuiz 2.0.2 - Multiple Vulnerabilities
Exploit Title: ProQuiz v2.0.2 - Multiple Vulnerabilities Date: 18/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.blogspot.com/ Contact: [email protected] Vendor Homepage: http://proquiz.softon.org/ Software Link: http://code.google.com/p/proquiz/downloads/list Tested on: Linux/Windows 1-...
Wiki Web Help - 'configpath' Remote File Inclusion
source: https://www.securityfocus.com/bid/55387/info Wiki Web Help is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to compromise the application and the underlying system; other attacks ar...
phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection
Exploit for php platform in category web applications Exploit Title: phpProfiles v4.5.4 Beta - Multiple Vulnerabilities Date: 24/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.tk/ Contact: email protected Software Link: http://sourceforge.net/projects/phpprofiles/files/latest/download Tested on...
phpProfiles 4.5.4 Beta XSS / RFI / SQL Injection
Exploit Title: phpProfiles v4.5.4 Beta - Multiple Vulnerabilities Date: 24/7/2012 Author: L0n3ly-H34rT My Site: http://se3c.tk/ Contact: [email protected] Software Link: http://sourceforge.net/projects/phpprofiles/files/latest/download Tested on: Linux/Windows 1- Remote File Include : In Fi...
Joomla Component com_hello Local File Include
Exploit for php platform in category web applications Title : Joomla Component comhello Local File Include Author : Ajax Security Team Discovered By : devilzc0der & Dominator Dork : inurl:"comhello" h0m3 : www.ajaxtm.com Software Link : www.joomla.com Level : High p0c :...
WordPress Post Recommendations Plugin 1.1.2 - Remote File Include
WordPress Post Recommendations plugin's "abspath" parameter is prone to a remote file include vulnerability. It allows an attacker o compromise the application and the underlying system. Other attacks are also possible. Solution Update the plugin...
ECshop local include vulnerability-vulnerability warning-the black bar safety net
js/calendar.php $lang = ! empty$GET'lang' ? trim$GET'lang' : ‘EN’;//no filter, obviously contains a vulnerability if ! fileexists‘../languages/’ . $lang . ‘/calendar.php’ $lang = ‘EN’; requiredirnamedirnameFILE . ‘/data/config.php’; header‘Content-type: application/x-javascript; charset=’...
sflog! 1.00 - Multiple Vulnerabilities
:::::::-. ... ::::::. :::. ;;, ';, ;; ;;;;;;;, ;;; ' . ' $$, $$$$ $$$ $$$ "Y$c$$ 888,o8P'88 .d888 888 Y88 MMMMP" "YmmMMMM"" MMM YM Discovered by dun \ posdubatgmail.com 2012-07-05 sflog! // 1 ..cut.. 53 requireonce"./includes/entries.inc.php"; // 4 ..cut.. File: ./sflog/includes/pageHeader.inc.ph...
webERP Multiple Remote and Local File Include Vulnerabilities
webERP is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user- supplied input. An attacker may leverage these issues to execute arbitrary server-side script code that resides on an affected computer or in a remote location with the...
webERP Multiple Remote and Local File Include Vulnerabilities
webERP is prone to multiple remote and local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Webify Product Series - Multiple Web Vulnerabilities
Title: ====== Webify Product Series - Multiple Web Vulnerabilities Date: ===== 2012-06-08 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=598 VL-ID: ===== 598 Common Vulnerability Scoring System: ==================================== 6.5 Introduction: ============= Webif...
Webify (Multiple Products) - Multiple HTML Injection Local File Inclusions
Webify Multiple Products - Multiple HTML Injection Local File Inclusions source: https://www.securityfocus.com/bid/54045/info Multiple Webify products are prone to multiple HTML-injection and local file-include vulnerabilities because they fail to properly sanitize user-supplied input. Exploiting...