SQL-Ledger – several vulnerabilities

============================================ ||| Security Advisory AKLINK-SA-2009-001 ||| ||| CVE-2009-3580 CVE candidate ||| ||| CVE-2009-3581 CVE candidate ||| ||| CVE-2009-3582 CVE candidate ||| ||| CVE-2009-3583 CVE candidate ||| ||| CVE-2009-3584 CVE candidate |||...

Simple PHP Blog <= 0.5.1 Local File Include vulnerability

No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-005 - Original release date: March 2nd, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS scored...

Simple PHP Blog v0.5.1 Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ========================================================= Simple PHP Blog v0.5.1 Local File Inclusion Vulnerability ========================================================= Simple PHP Blog is prone to a local file-include vulnerability...

phpPollScript - 1.3 Remote File Include

phpPollScript = 1.3 Remote File Include Vulnerability Download Script : http://download.tomex.org/phpPollScriptv13b.zip Author : ZZxxHackerzzXX Contact : [email protected] Location : Turkey file : init.poll.php line 2 $incpath = dirname$includeclass; line 3 require $incpath."/voting.poll.php";...

[ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability

============================================= INTERNET SECURITY AUDITORS ALERT 2009-005 - Original release date: March 2nd, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS scored ============================================= I. VULNERABILITY...

QuiXplorer 2.41beta LFI / Traversal / Code Execution

============================================= INTERNET SECURITY AUDITORS ALERT 2009-003 - Original release date: March 2nd, 2009 - Last revised: December 17th, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored ============================================= I. VULNERABILITY...

gpEasy <= 1.5RC3 Remote FIle Include Exploit

No description provided by source. Exploit Title: gpEasy = 1.5RC3 Remote FIle Include Exploit Date: 18-12-2009 Author: cr4wl3r Software Link: http://sourceforge.net/projects/gpeasy/files/ Version: N/A Tested on: GNU/LINUX Code adminpassword.php :...

Simple PHP Blog 0.5.1 Local File Inclusion

============================================= INTERNET SECURITY AUDITORS ALERT 2009-005 - Original release date: March 2nd, 2009 - Last revised: December 18th, 2009 - Discovered by: Juan Galiana Lara - Severity: 6.8/10 CVSS scored ============================================= I. VULNERABILITY...

gpEasy <= 1.5RC3 Remote FIle Include Exploit

Exploit for unknown platform in category web applications ============================================ gpEasy = 1.5RC3 Remote FIle Include Exploit ============================================ Exploit Title: gpEasy = 1.5RC3 Remote FIle Include Exploit Date: 18-12-2009 Author: cr4wl3r Software Link...

F3Site 2009 - &#039;/mod/poll.php?GLOBALS[nlang]&#039; Traversal Local File Inclusion

source: https://www.securityfocus.com/bid/37408/info F3Site is prone to multiple local file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks ar...

Family Connections Multiple Input Validation Vulnerabilities

Family Connections is prone to multiple input-validation vulnerabilities, including a local file-include issue, an arbitrary file-upload issue, and multiple SQL-injection issues. These issues occur because the application fails to properly sanitize user- supplied input. Exploiting these issues ma...

[ISecAuditors Security Advisories] QuiXplorer &lt;=2.4.1beta Remote Code Execution vulnerability

============================================= INTERNET SECURITY AUDITORS ALERT 2009-003 - Original release date: March 2nd, 2009 - Last revised: December 17th, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored ============================================= I. VULNERABILITY...

Family Connections <= 2.1.3 Multiple Input Validation Vulnerabilities

Family Connections is prone to multiple input-validation vulnerabilities, including a local file include LFI issue, an arbitrary file-upload issue, and multiple SQL injection SQLi issues. These issues occur because the application fails to properly sanitize user-supplied input...

phpldapadmin 'cmd.php' Local File Include Vulnerability

phpldapadmin is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. phpldapadmin 1.1.0.5 is vulnerable; other...

Invision Power Board < 3.0.5 Multiple Vulnerabilities

The remote web server hosts a version of Invision Power Board earlier than 3.0.5. Such versions are potentially affected by multiple vulnerabilities : - A local-file include vulnerability affects the 'section' parameter sent to the 'forum/index.php' script. - A SQL injection vulnerability affects...

Invision Power Board < 3.0.5 Multiple Vulnerabilities (deprecated)

Binary data 5260.prm...

eoCMS <= 0.9.03 Remote FIle Include Vulnerability

Exploit for unknown platform in category web applications ================================================= eoCMS = 0.9.03 Remote FIle Include Vulnerability ================================================= Exploit Title: eoCMS = 0.9.03 Remote FIle Include Vulnerability Date: 14-12-2009 Author:...

eoCMS &lt;= 0.9.03 Remote FIle Include Vulnerability

No description provided by source. Exploit Title: eoCMS = 0.9.03 Remote FIle Include Vulnerability Date: 14-12-2009 Author: 1nd0n3s14n l4m3r Software Link: http://eocms.com/index.php?act=plugin&id=4 Version: N/A Tested on: GNU/LINUX CVE : N/A Code : N/A eoCMS = 0.9.03 Remote FIle Include...

Mamboleto Joomla! component Remote File Include Vulneralbility

No description provided by source. / ! Mamboleto Joomla! component Remote File Include Vulneralbility ! Author : Don Tukulesto [email protected] ! Homepage : http://www.indonesiancoder.com ! Date : December 10, 2009 ! Tune In : http://antisecradio.fm choose your weapon / Software Informati...

Joomla! Mamboleto Component 2.0 RC3 Remote File Include Vulneralbility

No description provided by source. / ! Mamboleto Joomla! component Remote File Include Vulneralbility ! Author : Don Tukulesto [email protected] ! Homepage : http://www.indonesiancoder.com ! Date : December 10, 2009 ! Tune In : http://antisecradio.fm choose your weapon / Software Informati...