Quate CMS 0.3.4 (LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= Quate CMS 0.3.4 LFI/XSS Multiple Remote Vulnerabilities =========================================================...

Chupix CMS Contact Module 0.1 - 'index.php' Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/30564/info The Contact module for Chupix CMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues using directory-traversal strings to view local files with...

UNAK-CMS 1.5 - 'connector.php' Local File Inclusion

source: https://www.securityfocus.com/bid/30533/info UNAK-CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view local files within the context of the...

pepsicms-rfi.txt

Dear Packetstormsecurity ! I found Vulnerability in Pepsi CMS here is the description ======================================= Pepsi CMS template-loader.php Remote File Include ======================================= ::Home: http://sourceforge.net/projects/pepsicms/ ::Vuln Type : Remote File Inclu...

H0tturk Panel - gizli.php Remote File Inclusion

H0tturk Panel - gizli.php Remote File Inclusion source: https://www.securityfocus.com/bid/30468/info H0tturk Panel is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...

Directory traversal

Directory traversal vulnerability in userportal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ dot dot backslash in the include parameter...

CVE-2008-3363

Directory traversal vulnerability in userportal.php in the Dokeos E-Learning System 1.8.5 on Windows allows remote attackers to include and execute arbitrary local files via a ..\ dot dot backslash in the include parameter...

DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities

DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/30447/info DEV Web Management System is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include local...

Minishowcase 09b136 (lang) Local File Inclusion Vulnerability

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-034 Application: Minishowcase Image Gallery Versions Affected: v09b136 Vendor URL: http://minishowcase.frwrd.net Bug: Local File Include Exploits: YES Reported: 14.07.2008 Second report: 22.07.2008 Vendor...

DEV Web Management System 1.5 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/30447/info DEV Web Management System is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. The issues include local file-include, SQL-injection, and cross-site scripting vulnerabilities...

[DSECRG-08-034] Local File Include Vulnerability in Minishowcase v09b136

Digital Security Research Group DSecRG Advisory DSECRG-08-034 Application: Minishowcase Image Gallery Versions Affected: v09b136 Vendor URL: http://minishowcase.frwrd.net Bug: Local File Include Exploits: YES Reported: 14.07.2008 Second report: 22.07.2008 Vendor response: NONE Solution: NONE Date...

[DSECRG-08-033] Local File Include Vulnerability in Pixelpost 1.7.1

Digital Security Research Group DSecRG Advisory DSECRG-08-033 Application: Pixelpost photoblog Versions Affected: 1.7.1 Vendor URL: http://www.pixelpost.org/ Bug: Local File Include Exploits: YES Reported: 22.07.2008 Vendor response: 23.07.2008 Solution: YES Date of Public Advisory: 28.07.2008...

PixelPost 1.7.1 (language_full) Local File Inclusion Vulnerability

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-033 Application: Pixelpost photoblog Versions Affected: 1.7.1 Vendor URL: http://www.pixelpost.org/ Bug: Local File Include Exploits: YES Reported: 22.07.2008 Vendor response: 23.07.2008 Solution: YES Dat...

Dokeos E-Learning System 1.8.5 Local File Inclusion Vulnerability

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-029 Application: Dokeos E-Learning System Versions Affected: 1.8.5 Vendor URL: http://dokeos.com/ Bug: Local File Include Exploits: YES Reported: 01.07.2008 Vendor response: 05.07.2008 Solution: YES Date ...

DSECRG-08-034.txt

Digital Security Research Group DSecRG Advisory DSECRG-08-034 Application: Minishowcase Image Gallery Versions Affected: v09b136 Vendor URL: http://minishowcase.frwrd.net Bug: Local File Include Exploits: YES Reported: 14.07.2008 Second report: 22.07.2008 Vendor response: NONE Solution: NONE Date...

PixelPost 1.7.1 - language_full Local File Inclusion

PixelPost 1.7.1 - languagefull Local File Inclusion Digital Security Research Group DSecRG Advisory DSECRG-08-033 Application: Pixelpost photoblog Versions Affected: 1.7.1 Vendor URL: http://www.pixelpost.org/ Bug: Local File Include Exploits: YES Reported: 22.07.2008 Vendor response: 23.07.2008...

DSECRG-08-033.txt

Digital Security Research Group DSecRG Advisory DSECRG-08-033 Application: Pixelpost photoblog Versions Affected: 1.7.1 Vendor URL: http://www.pixelpost.org/ Bug: Local File Include Exploits: YES Reported: 22.07.2008 Vendor response: 23.07.2008 Solution: YES Date of Public Advisory: 28.07.2008...

PixelPost 1.7.1 (language_full) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================== PixelPost 1.7.1 languagefull Local File Inclusion Vulnerability ================================================================== Digital Security Research Group DSecRG...

XRms 1.99.2 - Remote File Inclusion / Cross-Site Scripting / Information Gathering

XMRS Multiple Vulnerabilities ZeroDay at 25-07-2008 Author: AzzCoder [email protected] Product: http://www.xrms.org/ Product Type: CRM Thanks: coresecurity.com Remote File Inclusion File: activities/workflow-activities.php Variable: $includedirectory Required registerglobals: Yes XSS Multiple...

[DSECRG-08-031] Local File Include Vulnerability in Interact 2.4.1

Digital Security Research Group DSecRG Advisory DSECRG-08-31 Application: Interact E-Learning System Versions Affected: 2.4.1 Vendor URL: http://sourceforge.net/projects/cce-interact Bug: Local File Include Exploits: YES Reported: 03.07.2008 Vendor response: 04.07.2008 Solution: YES Date of Publi...