Joomla YJ Contact us Component 'view' Parameter Local File Include Vulnerability

YJ Contact us component for Joomla! is prone to a local file- include vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserve...

Joomla YJ Contact us Component LFI Vulnerability (Nov 2011) - Active Check

YJ Contact us component for Joomla! is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

1024 CMS 1.1.0 Beta 'force_download.php' Local File Include Vulnerability

1024 CMS 1.1.0 Beta is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the Web server process...

Sports PHool <= 1.0 Remote File Include Exploit

Exploit for php platform in category web applications " ."target:" ."evil:" ."cmd:" ."" .""; if !isset$POST'submit' echo $form; else $file = fopen "test.txt", "w+"; fwrite$file, ""; fclose$file; $file = fopen $target.$evil, "r"; if !$file echo "Unable to get output.\n"; exit; echo $form; while...

1024 CMS <= 1.1.0 Beta LFI Vulnerability - Active Check

1024 CMS 1.1.0 Beta is prone to a local file include LFI vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Joomla NoNumber! Extension Manager Plugin LFI and PHP Code Injection Vulnerabilities (Nov 2011) - Active Check

NoNumber! Extension Manager is prone to multiple input validation vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to inject arbitrary PHP code and include and execute arbitrary files from the vulnerable system in the context of the...

Joomla NoNumber! Extension Manager Plugin Local File Include and PHP code Injection Vulnerabilities

NoNumber! Extension Manager is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user- supplied input. An attacker can exploit these issues to inject arbitrary PHP code and include and execute arbitrary files from the vulnerable system in the context of the...

WordPress teachPress 'root' Multiple Local File Include Vulnerabilities

The teachPress plug-in for WordPress is prone to multiple local file include vulnerabilities because it fails to adequately validate user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

WordPress Light Post Plugin 'abspath' Parameter Remote File Include Vulnerability

The Light Post WordPress Plugin is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

POSH Local File Include and Cross Site Scripting Vulnerabilities

POSH is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files within the contex...

PHP 5.3.7, 5.3.8 Remote File Include Vulnerability

PHP is prone to a remote file include vulnerability because it fails to properly implement the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

WordPress AllWebMenus Plugin 'abspath' Parameter Remote File Include Vulnerability

The AllWebMenus plug-in for WordPress is prone to a remote file- include vulnerability because it fails to sufficiently sanitize user- supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...

Vivvo CMS-local file include and fix-vulnerability warning-the black bar safety net

Title: Vivvo CMS - Local File include ! Author: JaBrOtxHaCkEr www. Email My ^ ^ ! !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! Defects program Vivvo CMS is an intuitive content management system atop a powerful programming framework, empowering numerous industry leading online newspapers,...

CVE-2011-3371

Multiple cross-site scripting XSS vulnerabilities in include/functions.php in PunBB before 1.3.6 allow remote attackers to inject arbitrary web script or HTML via the 1 id, 2 formsent, 3 csrftoken, 4 reqconfirm, or 5 delete parameter to delete.php, the 6 id, 7 formsent, 8 csrftoken, 9 reqmessage,...

MantisBT < 1.2.8 Multiple Local File Include and XSS Vulnerabilities

MantisBT is prone to multiple local file include and cross-site scripting XSS vulnerabilities. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-lat...

Digital College 'basepath' Parameter Multiple Remote File Include Vulnerabilities

Digital College is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the Web...

MyNews 1.2 'basepath' Parameter Multiple Remote File Include Vulnerabilities

MyNews 1.2 is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user- supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the Web server...

Digital College <= 1.1 Multiple RFI Vulnerabilities - Active Check

Digital College is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

CVE-2011-3722

Coppermine Photo Gallery CPG 1.5.12 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by include/inspekt.php and certain other files...

EasySiteEdit 'sublink.php' Remote File Include Vulnerability

EasySiteEdit is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. OpenVAS Vulnerability Test $Id:...