8856 matches found
Joomla! JoomTouch Component 'controller' Parameter Local File Include Vulnerability
The JoomTouch component for Joomla! is prone to a local file- include vulnerability because it fails to properly sanitize user- supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserve...
awiki <= 20100125 Multiple LFI Vulnerabilities - Active Check
awiki is prone to multiple local file include LFI vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Joomla! JoomTouch Component <= 1.0.2 LFI Vulnerability - Active Check
The JoomTouch component for Joomla! is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...
SaltOS v3.0 r3311 - SQL Injection & File Include Vulnerability
Document Title: =============== SaltOS v3.0 r3311 - SQL Injection & File Include Vulnerability Release Date: ============= 2011-08-13 Vulnerability Laboratory ID VL-ID: ==================================== 247 Product & Service Introduction: =============================== SaltOS is a eGroupware...
SaltOS v3.0 r3311 - SQL Injection & File Include Vulnerability
Document Title: =============== SaltOS v3.0 r3311 - SQL Injection & File Include Vulnerability Release Date: ============= 2011-08-13 Vulnerability Laboratory ID VL-ID: ==================================== 247 Product & Service Introduction: =============================== SaltOS is a eGroupware...
PHP Flat File Guestbook 1.0 - ffgb_admin.php Remote File Inclusion
PHP Flat File Guestbook 1.0 - ffgbadmin.php Remote File Inclusion source: https://www.securityfocus.com/bid/49138/info PHP Flat File Guestbook is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker...
The latest day by day buy 0day-vulnerability warning-the black bar safety net
The first is the local contains ajax.php requireonce MODPATH.$ this-SetEvent$config'defaultmodule'.’. mod.php’; //Look at the SetEvent function SetEvent $modss = array‘check’=1,’getseller’=1,’member’=1; $mod = isset$POST'mod' ? $POST'mod' : $GET'mod'; if! isset$modss //programmers thought Chaos...
cPanel 11.x (Fantastico) Local File Include / SM-b0x
Exploit for php platform in category web applications cPanel 11.x Fantastico Local File Include / SM-b0x ////\ //\ //\ //\ //\ //\ //\ //\ //\ :::/\ ::\:.\ \::\ \ \ \ :\ \ ::: \ \::: \ \::\ \:::/ /: / \:::/ ::/\ .\ \ //\:\ \ :: \ \:: /:/ /: / /::/ /\/\:: ::\ \::::/ :...
Ecshop the latest version v. 2 7 2 Local include vulnerability Oday-vulnerability warning-the black bar safety net
“js/calendar.php”: the $lang = ! empty$GET'lang' ? trim$GET'lang' : 'EN';//no filter, obviously contains a vulnerability if ! fileexists'../languages/' . $lang . '/calendar.php' $lang = 'EN'; requiredirnamedirnameFILE . '/data/config.php'; header'Content-type: application/x-javascript; charset='...
Chyrp 2.x swfupload Extension - upload_handler.php Arbitrary File Upload Arbitrary PHP Code Execution
Chyrp 2.x swfupload Extension - uploadhandler.php Arbitrary File Upload Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, an...
Chyrp 2.x swfupload Extension - 'upload_handler.php' Arbitrary File Upload / Arbitrary PHP Code Execution
source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability. An attacker may leverage these issues to execute arbitrary...
Chyrp 2.x - '/includes/lib/gz.php?File' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability. An attacker may leverage these issues to execute arbitrary...
Chyrp 2.x - 'action' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability. An attacker may leverage these issues to execute arbitrary...
Auth3ntiQ & shika01 found Local file include on numericable.be & numericable.lu
Auth3ntiQ & shika01 found local file include on numericable.be & numericable.lu Hackers named "Auth3ntiQ and shika01" found local file include on numericable.be & numericable.lu . Venerable Links : Link 1 Link 2 Bugs are critical , Hackers can steal all account with this LFI . Found this article...
CVE-2011-2508
CVE-2011-2508 affects phpMyAdmin 3.x before 3.3.10.2 and 3.4.x before 3.4.3.1. A directory traversal via a crafted GLOBALS[mime_map][$meta->name][transformation] parameter allows remote authenticated users to perform local file inclusion and potentially execute local files. Root cause: insecur...
Chyrp 2.x - includesJavaScript.php?action Cross-Site Scripting
Chyrp 2.x - includesJavaScript.php?action Cross-Site Scripting source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability...
Deep throat cms file include vulnerability resulting database disclosure-vulnerability warning-the black bar safety net
Due to the presence of a file containing a vulnerability, the result can bypass the backstage access restrictions and the access to some page Detail Code Description: $controller=ABSPATH.'/ content/'.$ params'model'.'/ index.php'; //die$controller; //Load call tag iffileexistsABSPATH.'/...
Chyrp 2.x - '/admin/help.php' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/48672/info Chyrp is prone to multiple cross-site scripting vulnerabilities, a local file-include vulnerability, an arbitrary file-upload vulnerability, and a directory-traversal vulnerability. An attacker may leverage these issues to execute arbitrary...
Portix-CMS 'page' Parameter Local File Include Vulnerability
Portix-CMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may allow...
Portix-CMS <= 1.5.0.rc5 LFI Vulnerability - Active Check
Portix-CMS is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...