PHPCOIN 1.2.2 - '/includes/db.php?$_CCFG[_PKG_PATH_DBSE]' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/15831/info PhpCOIN is prone to a file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary remote PHP code and execute it in the context ...

mcGallery PRO vuln.

mcGallery PRO vuln. Vuln. dicovered by : r0t Date: 13 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/mcgallery-pro-vuln.html vendor:http://mcgallerypro.com/ affected version: 2.2 and prior Product Description: A Pro version of mcGallery. Features: Displays photos, videos and Flash...

PHPCOIN 1.2.2 - includesdb.php?$_CCFG[_PKG_PATH_DBSE] Traversal Arbitrary File Access

PHPCOIN 1.2.2 - includesdb.php?$CCFGPKGPATHDBSE Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15831/info PhpCOIN is prone to a file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploi...

CVE-2005-4132

Unspecified "security leak" vulnerability in Contenido before 4.6.4, when registerglobals is on and allowurlfopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability...

CVE-2005-4132

Unspecified "security leak" vulnerability in Contenido before 4.6.4, when registerglobals is on and allowurlfopen is true, has unspecified impact and attack vectors. NOTE: it is likely that this is a PHP remote file include vulnerability...

CVE-2005-4132

Summary: CVE-2005-4132 affects Contenido prior to version 4.6.4. The vulnerability is described as a PHP remote file inclusion due to improper sanitization when PHP’s register_globals is enabled and allow_url_fopen is true, enabling an attacker to potentially read arbitrary files or execute code ...

CVE-2005-4087

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management SugarCRM 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter...

CVE-2005-4087

SugarCRM

CVE-2005-4087

PHP remote file include vulnerability in acceptDecline.php in Sugar Suite Open Source Customer Relationship Management SugarCRM 4.0 beta and earlier allows remote attackers to execute arbitrary PHP code via a URL in the beanFiles array parameter...

CF_Nuke v4.6 Multiple vuln.

CFNuke v4.6 Multiple vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/cfnuke-v46-multiple-vuln.html vendor:http://www.mycfnuke.com/ affected version:v4.6 and prior Product Description: CFNuke is a free easy-to-setup & easy-to-use open source...

CF_Nuke v4.6 Multiple vuln.

CFNuke v4.6 Multiple vuln. Vuln. dicovered by : r0t Date: 6 dec. 2005 orginal advisory:http://pridels.blogspot.com/2005/12/cfnuke-v46-multiple-vuln.html vendor:http://www.mycfnuke.com/ affected version:v4.6 and prior Product Description: CFNuke is a free easy-to-setup & easy-to-use open source...

CVE-2005-3936

SocketKB 1.1.0 and earlier are affected by a PHP file include vulnerability that allows remote attackers to include arbitrary local files via the __f parameter. The issue is a local file inclusion flaw in PHP, enabling an attacker to read or disclose local files as part of the vulnerability chain...

CVE-2005-3936

PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the f parameter...

CVE-2005-3936

PHP file include vulnerability in SocketKB 1.1.0 and earlier allows remote attackers to include arbitrary local files via the f parameter...

PHP Photo Album 0.2.3/4.1 - Local File Inclusion

source: https://www.securityfocus.com/bid/15651/info phpAlbum is prone to a local file-include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code that resides on an affected computer with the privileges of the webserver process. Note that this issue ma...

phpAlbum Local file include vuln.

phpAlbum Local file include vuln. Vuln. dicovered by : r0t Date: 30 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/phpalbum-local-file-include-vuln.html Vendor:http://www.phpalbum.net/ affected version:v0.2.3 and prior Product Description: It is easy to install and run PHP Photo...

GuppY 4.5 - 'editorTypetool.php?meskin' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/15610/info GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web...

GuppY 4.5 - dbbatch.php?lng Traversal Arbitrary File Access

GuppY 4.5 - dbbatch.php?lng Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15610/info GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code that...

vTiger CRM 4.2 - SQL Injection

vTiger CRM 4.2 - SQL Injection source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML...

vTiger CRM 4.2 - SQL Injection

source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML injection, cross-site scripting...