8850 matches found
Media in Spot CMS 'page' Parameter Local File Include Vulnerability
Media in Spot CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This m...
Media in Spot CMS 'page' Parameter Local File Include Vulnerability
Media in Spot CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
Design/Logic Flaw
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/depend temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk...
CVE-2011-1920
The make include files in NetBSD before 1.6.2, as used in pmake 1.111 and other products, allow local users to overwrite arbitrary files via a symlink attack on a /tmp/depend temporary file, related to (1) bsd.lib.mk and (2) bsd.prog.mk...
Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion Arbitrary File Upload
Exponent CMS 2.0.0 Beta 1.1 - Local File Inclusion Arbitrary File Upload source: https://www.securityfocus.com/bid/47757/info Exponent CMS is prone to a local file-include vulnerability and an arbitrary-file-upload vulnerability. An attacker can exploit these issues to upload arbitrary files onto...
EasyTalk microblogging system X1.X file inclusion vulnerability and fix - vulnerability warning - the black bar safety net
EasyTalk microblogging system X1.X file inclusion vulnerability: in PluginsAction.class.php, the parameter $_GET['out'] is passed without any filtering directly to an include call, which produces the vulnerability. PluginsAction.class.php to:...
Dolibarr <= 3.0.0 Multiple Vulnerabilities - Active Check
Dolibarr is prone to a local file include (LFI) vulnerability and a cross-site scripting (XSS) vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by...
Atlassian Confluence 2.x >= 2.7 / 3.x < 3.4.9 Multiple XSS
According to its self-reported version number, the instance of Atlassian Confluence on the remote host is a 2.x version that is 2.7 or later, or else version 3.x prior to 3.4.9. It is, therefore, affected by multiple cross-site scripting vulnerabilities. Errors in the validation of input data to...
PHP code execution vulnerability references summary - vulnerability warning - the black bar safety net
1. Code execution functions: PHP functions that can execute code, such as eval, assert, system, exec, shell_exec, passthru, escapeshellcmd, pcntl_exec, etc. Demo code 1.1: 2. File inclusion code injection: the file inclusion functions in the specific...
SQL-Ledger <= 2.8.33 Post-authentication LFI/Edit Vulnerability
Exploit for php platform in category web applications Exploit Title: SQL-Ledger <= 2.8.33 Post-authentication Local File Include/Edit Vulnerability Google Dork: inurl:/sql-ledger/login.pl Date: April 15, 2011 Author: bitform Software Link: http://www.sql-ledger.com/source/sql-ledger-2.8.33.tar.gz...
Joomla Module Virtuemart Latestprod RFI Vulnerability
Exploit for php platform in category web applications Title : Joomla Module Virtuemart Latestprod RFI Vulnerability Author : KedAns-Dz Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Remote Fi...
Joomla Module Virtuemart Featureprod RFI Vulnerability
Exploit for php platform in category web applications Title : Joomla Module Virtuemart Featureprod RFI Vulnerability Author : KedAns-Dz Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Remote...
Joomla Virtuemart Latestprod Remote File Inclusion
Title : Joomla Module Virtuemart Latestprod RFI Vulnerability Author : KedAns-Dz Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Remote File Include Tested on : Windows XP sp3 FR Note :...
WordPress Spellchecker Plugin 3.1 - Local and Remote File Include Vulnerabilities
This Spellchecker plugin's "general.php" parameter is prone to remote file include and local file include vulnerabilities because of application's failure to sufficiently clean up user-supplied input. These issues allow an attacker to execute arbitrary local and remote scripts in the context of t...
WordPress custom page plugin remote include vulnerability - vulnerability warning - the black bar safety net
A WordPress custom page plug-in has a remote include vulnerability. Plugin name: wp custom pages, version: 0.5.0.1. If you have installed it, please hurry up and upgrade to the new version. Send a test. As follows: So, classmates who use WordPress, don't install too many plug-ins. One more more of a danger...
LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Complete-Modules Package)
1024cms Admin Control Panel v1.1.0 Beta Complete-Modules Package - Local File Include Vulnerability...
LFI Vulnerability in 1024cms Admin Control Panel v1.1.0 Beta (Master-cPanel Package)
1024cms Admin Control Panel v1.1.0 Beta Master-cPanel Package - Local File Include Vulnerability...
1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/47282/info 1024cms is prone to multiple cross-site scripting vulnerabilities, multiple local file-include vulnerabilities, and a directory-traversal vulnerability. An attacker may leverage these issues to execute arbitrary script code in the browser of an...
vTiger CRM 5.2.1 - sortfieldsjson.php Local File Inclusion
vTiger CRM 5.2.1 - sortfieldsjson.php Local File Inclusion source: https://www.securityfocus.com/bid/47263/info vtiger CRM is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially...
1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities
1024 CMS 1.1.0 Beta - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/47282/info 1024cms is prone to multiple cross-site scripting vulnerabilities, multiple local file-include vulnerabilities, and a directory-traversal vulnerability. An attacker may leverage the...