PT-2009-2018 · Moinmoin · Moinmoin

Name of the Vulnerable Software and Affected Versions: MoinMoin version 1.6.1 Description: The issue concerns the rst parser in MoinMoin, which fails to check the ACL of an included page. This allows attackers to read unauthorized include files via unknown vectors. Recommendations: For MoinMoin...

Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability

Acute Control Panel is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple remote file-include issues. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

PHP. ini way anti-injection or hung it-vulnerability warning-the black bar safety net

Originally this two-day study phpIDS, using the file: when you want to prevent the page attack, in the pages of the head of the include attack prevention file, just like General anti-injected into the file. We can use three cases to do that: 1, in each of the files within the references. Such a...

phpMyAdmin BLOB Streaming Multiple Input Validation Vulnerabilities

phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTTP response-splitting vulnerability and a local file-include vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Acute Control Panel 1.0.0 RFI / SQL Injection

Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass + Discovered By SirGod + www.mortal-team.org + www.h4cky0u.org + Remote File Inclusion Vulnerable code in container.php ----------------------------------------------------------- -----------------------------------------------------------...

openSUSE 10 Security Update : horde (horde-6099)

Version update to horde 3.1.9 fixes a cross-site-scripting XSS issue CVE-2008-5917 and an include file problem CVE-2009-0932. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update horde-6099. The te...

Immunity Canvas: PHPLINKADMIN_RFI

Name| phplinkadminrfi ---|--- CVE| CVE-2009-1025 Exploit Pack| CANVAS Description| PHPLinkAdmin Remote File Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: Beerwin CVE Url: https://vulners.com/cve/CVE-2009-1025 CVE Name: CVE-2009-1025...

Immunity Canvas: JOOMLAGOOGLEBASE_RFI

Name| joomlagooglebaserfi ---|--- CVE| CVE-2008-6483 Exploit Pack| CANVAS Description| Joomla comgooglebase Remote File Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-6483 CVE Name: CVE-2008-6483...

Immunity Canvas: JOOMLATREEG_RFI

Name| joomlatreegrfi ---|--- CVE| CVE-2008-6482 Exploit Pack| CANVAS Description| Joomla comtreeg Remote File Include Notes| CVSS: 6.8 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-6482 CVE Name: CVE-2008-6482...

Beerwin's PhpLinkAdmin <= 1.0 Multiple Vulnerabilities - Active Check

Beerwin SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.100058";...

Beerwin's PhpLinkAdmin Remote File Include and Multiple SQL Injection Vulnerabilities

Beerwin's PhpLinkAdmin is prone to multiple input-validation vulnerabilities, including a remote file-include issue and multiple SQL-injection issues. A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, acce...

Cryptographp 'index.php' Local File Include Vulnerability

Cryptographp is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

PassWiki 'site_id' Parameter Local File Include Vulnerability

PassWiki is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue allows remote attackers to view local files within the context of the webserver process. PassWiki 0.9.17 and prior versions are vulnerable. OpenVAS Vulnerabilit...

e-Vision CMS Multiple Local File Include Vulnerabilities

e-Vision CMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view local files and execute local scripts within the context of the webserver process...

Dagger RFI Vulnerability (Mar 2009) - Active Check

Dagger is prone to a remote file include RFI vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Yap Blog 'index.php' Remote File Include Vulnerability

Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Versions prior to Yap Blog 1.1.1 are...

Microsoft IIS MS03-018 Security Check

A Cross-Site ScriptingXSSvulnerability affecting IIS 4.0, 5.0 and 5.1 involving the error message that SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

BlindBlog Multiple Local File Include and SQL Injection Vulnerabilities

BlindBlog is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...

OneOrZero Helpdesk 'login.php' Local File Include Vulnerability

OneOrZero Helpdesk is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. OneOrZero...

Golabi CMS 'index_logged.php' Remote File Include Vulnerability

Golabi CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue can allow an attacker to compromise the application and the underlying computer; other attacks are also possible. OpenVAS Vulnerability Test $Id:...