MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion

MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion source: https://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...

osTicket <= 1.3.1 Multiple Vulnerabilities

The version of osTicket installed on the remote host suffers from several vulnerabilities, including: - A Local File Include Vulnerability The application fails to sanitize user-supplied input to the 'inc' parameter in the 'view.php' script. An attacker may be able to exploit this flaw to run...

DEBIAN-CVE-2005-1526

PHP remote file inclusion vulnerability in configsettings.php in Cacti before 0.8.6e allows remote attackers to execute arbitrary PHP code via the configincludepath parameter...

FusionBB 0.x - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/13939/info FusionBB is affected by multiple vulnerabilities. These issues arise due to a failure of the application to properly sanitize user-supplied input. The following specific vulnerabilities were identified: The application is affected by a local fi...

FusionBB 0.x - Multiple Input Validation Vulnerabilities

FusionBB 0.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/13939/info FusionBB is affected by multiple vulnerabilities. These issues arise due to a failure of the application to properly sanitize user-supplied input. The following specific vulnerabilities...

PHP-Nuke 7.x - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/18186/info PHP-Nuke is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

[SECURITYREASON.COM] PostNuke Non Critical SQL Injection and Include 0.760-RC3=&gt;x

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 PostNuke Non Critical SQL Injection and Include 0.760-RC3=x cXIb8O3.10 Author: cXIb8O3Maksymilian Arciemowicz Date: 2.4.2005 from securityreason.com TEAM - --- 0.Description --- PostNuke: The Phoenix Release 0.760-RC3=X PostNuke is an open source, ope...

Yappa-NG Multiple Vulnerabilities

GulfTech Security Research May 11th, 2005 Vendor : Fritz Berger URL : http://sourceforge.net/projects/yappa-ng/ Version : yappa-ng 2.3.1 && Earlier Risk : Multiple Vulnerabilities Description: Yappa-NG is the second generation new and improved version of Yappa yet another php photo album. There a...

osTicket <= 1.2.7 Multiple Vulnerabilities

The version of osTicket installed on the remote host suffers from several vulnerabilities : - A Remote File Include Vulnerability The script 'include/main.php' lets an attacker read arbitrary files on the remote host and possibly even run arbitrary PHP code, subject to the privileges of the web...

SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/13481/info SitePanel2 is affected by multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Multiple cross-site scripting issues affect the application. An attacker may...

SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities

SitePanel2 2.6.1 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/13481/info SitePanel2 is affected by multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. Multiple cross-site...

CVE-2005-0327

pafiledb.php in Pafiledb 3.1 may allow remote attackers to execute arbitrary PHP code via a modified action parameter that is used in an include statement for login.php...

Claroline < 1.5.4 / 1.6.0 Multiple Vulnerabilities (RFI, SQLi, XSS, Traversal)

The version of Claroline an open source, collaborative learning environment installed on the remote host suffers from a number of remotely-exploitable vulnerabilities, including: - Multiple Remote File Include Vulnerabilities Four scripts let an attacker read arbitrary files on the remote host an...

Claroline E-Learning 1.51.6 - exercises_details.php?exo_id SQL Injection

Claroline E-Learning 1.51.6 - exercisesdetails.php?exoid SQL Injection source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize...

Claroline 1.51.6 - myagenda.php?coursePath Cross-Site Scripting

Claroline 1.51.6 - myagenda.php?coursePath Cross-Site Scripting source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied...

Claroline 1.5/1.6 - &#039;myagenda.php?coursePath&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical application...

Claroline 1.5/1.6 - &#039;user_access_details.php?data&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied input prior to using it to carry out critical application...

yappa-ng < 2.3.2 Multiple Vulnerabilities

The version of yappa-ng installed on the remote host is prone to multiple file include and cross-site scripting vulnerabilities due to its failure to sanitize user-supplied script input when calling various include scripts directly. By exploiting the file include vulnerabilities, an attacker can...

Claroline 1.51.6 - user_access_details.php?data Cross-Site Scripting

Claroline 1.51.6 - useraccessdetails.php?data Cross-Site Scripting source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied...

Claroline 1.51.6 - toolaccess_details.php?tool Cross-Site Scripting

Claroline 1.51.6 - toolaccessdetails.php?tool Cross-Site Scripting source: https://www.securityfocus.com/bid/13407/info Multiple remote input validation vulnerabilities affect Claroline e-Learning Application. These issues are due to a failure of the application to properly sanitize user-supplied...