8856 matches found
Course MS Cross Site Scripting, SQL Injection and Local File Include Vulnerabilities
Course Registration Management System is prone to multiple input-validation vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities 2. An SQL-injection vulnerability 3. A local file-include vulnerability Exploiting these issues could allow an attacker to execute arbitrary...
Batavi Multiple Local File Include and Cross Site Scripting Vulnerabilities
Batavi is prone to multiple local file-include and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute local files within the context o...
Batavi <= 1.0 Multiple Vulnerabilities - Active Check
Batavi is prone to multiple local file include (LFI) and cross-site scripting (XSS) vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
PHP Simple Gallery 0.1 Local File Include Vulnerability
Exploit for php platform in category web applications exploit title: local file include in PHP Simple Gallery 0.1 date: 18.o2.2o11 author: lemlajt software : PHP Simple Gallery vendor : http://sourceforge.net/projects/simple-gallery/ PoC:...
PHPXref 0.7 Cross Site Scripting
Hello list! I want to warn you about Cross-Site Scripting and Remote HTML Include vulnerabilities in PHPXref. ------------------------- Affected products: ------------------------- Vulnerable are PHPXref 0.7 and previous versions. In version PHPXref 0.7.1 the developer fixed these vulnerabilities...
Vulnerabilities in PHPXref
Hello 3APA3A! I am reporting to you the Cross-Site Scripting and Remote HTML Include vulnerabilities I found in PHPXref. XSS RXI WASC-08: http://site/nav.html?javascript:alertdocument.cookie RHI WASC-12: http://site/nav.html?http://websecurity.com.ua Vulnerable are PHPXref 0.7 and previous versions. In version...
ReOS Local File Include and SQL Injection Vulnerabilities
ReOS is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...
Betsy 'page' Parameter Local File Include Vulnerability
Betsy is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow the...
Podcast Generator Local File Include and Cross Site Scripting Vulnerabilities
Podcast Generator is prone to a local file-include vulnerability and a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files withi...
ReOS Local File Include and SQL Injection Vulnerabilities
ReOS is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
Raja Natarajan Guestbook 'lang' Parameter Local File Include Vulnerability
The Raja Natarajan Guestbook is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver...
TinyWebGallery Cross Site Scripting and Local File Include Vulnerabilities
TinyWebGallery is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. A remote attacker may leverage the cross-site scripting issue to execute arbitrary script code in the browser of an unsuspecting user in...
Betsy 4.0 Local File Inclusion
/ Name : Betsy v4.0 Vuln : Local File Include WebSite : http://www.betsy.fr/ Author : Hamza 'MizoZ' N. Email : [email protected] / Input passed to the "page" parameter in ress.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from loc...
TinyWebGallery Cross Site Scripting and Local File Include Vulnerabilities
TinyWebGallery is prone to local file-include and cross-site scripting vulnerabilities because the application fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the...
MultiCMS 'lng' Parameter Local File Include Vulnerability
MultiCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow...
MultiCMS 'lng' Parameter Local File Include Vulnerability
MultiCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
HDWiKi V 5.0 local include vulnerability 0Day-vulnerability warning-the black bar safety net
Release date: 2011-01-23 Publishing author: HYrz Affected versions: HDWiKi V 5.0 Official website: http://kaiyuan.hudong.com Vulnerability type: file inclusion Vulnerability description: From the source code we can see there is indeed a problem, we just upload a picture of the Trojan can be norma...
CultBooking 'cultbooking.php' Local File Include and Multiple Cross Site Scripting Vulnerabilities
CultBooking is prone to a local file-include vulnerability and multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute local files...
PhpGedView module.php pgvaction Parameter Traversal Local File Inclusion
The web server hosts PhpGedView, a web-based real estate listing management application written in PHP. The version of PhpGedView installed on the remote host fails to sanitize user input to the 'pgvaction' parameter of the 'module.php' script before using it to include PHP code. Regardless of...
LotusCMS 'index.php' Local File Include Vulnerability
LotusCMS is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scripts in the context of the webserver process. This may allow...