FWD: LedgerSMB Security Advisory: Multiple Vulnerabilities
Hi all; It has been brought to our attention that a number of security vulnerabilities have been noted in SQL-Ledger. Several of these affect earlier versions of LedgerSMB, and three hotfixes have been released for problems that continue to affect the LedgerSMB codebase. As always, we highly...
SiteX 'THEME_FOLDER' Parameter Multiple Local File Include Vulnerabilities
SiteX is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to obtain potentially sensitive information and execute arbitrary local scripts in the context of the webserver process. This may allow the...
DataLife Engine 8.3 - '/engine/inc/include/init.php?selected_language' Remote File Inclusion
DataLife Engine 8.3 - '/engine/inc/include/init.php?selected_language' Remote File Inclusion source: https://www.securityfocus.com/bid/37851/info Datalife Engine is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...
AdvertisementManager 3.1 - 'req' Local/Remote File Inclusion
AdvertisementManager 3.1 - 'req' Local/Remote File Inclusion source: https://www.securityfocus.com/bid/44165/info AdvertisementManager is prone to local and remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may all...
DataLife Engine 8.3 - '/engine/ajax/addcomments.php?_REQUEST[skin]' Remote File Inclusion
DataLife Engine 8.3 - '/engine/ajax/addcomments.php?_REQUEST[skin]' Remote File Inclusion source: https://www.securityfocus.com/bid/37851/info Datalife Engine is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may...
DataLife Engine 8.3 - '/engine/inc/help.php?config[langs]' Remote File Inclusion
source: https://www.securityfocus.com/bid/37851/info Datalife Engine is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks a...
DataLife Engine 8.3 - '/engine/inc/include/init.php?selected_language' Remote File Inclusion
source: https://www.securityfocus.com/bid/37851/info Datalife Engine is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the computer; other attacks a...
Fatwiki (fwiki) Remote FiLe include RFI
Exploit for unknown platform in category web applications. Fatwiki fwiki Remote FiLe include RFI. Software Information + Vendor : http://galupki.de/ + Download :...
Bits Video Script 2.05 Gold Beta - showcasesearch.php?rowptem[template] Remote File Inclusion
Bits Video Script 2.05 Gold Beta - showcasesearch.php?rowptem[template] Remote File Inclusion source: https://www.securityfocus.com/bid/40709/info Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can...
Bits Video Script 2.05 Gold Beta - 'showcase2search.php?rowptem[template]' Remote File Inclusion
source: https://www.securityfocus.com/bid/40709/info Bits Video Script is prone to multiple remote file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute...
Calendarix 0.7 - calpath Remote File Inclusion
Calendarix 0.7 - calpath Remote File Inclusion source: https://www.securityfocus.com/bid/37673/info Calendarix is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containi...
Calendarix 0.7 - 'calpath' Remote File Inclusion
source: https://www.securityfocus.com/bid/37673/info Calendarix is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the...
L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities
L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/40577/info LineWeb is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include multiple local file-include...
L2Web LineWeb 1.0.5 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/40577/info LineWeb is prone to multiple input-validation vulnerabilities because it fails to adequately sanitize user-supplied input. These vulnerabilities include multiple local file-include vulnerabilities, multiple SQL-injection vulnerabilities, and an...
LineWeb 1.0.5 - Multiple Remote Vulnerabilities
LineWeb 1.0.5 - Multiple Remote Vulnerabilities source: https://www.securityfocus.com/bid/37613/info LineWeb is prone to multiple remote vulnerabilities: - Multiple local file-include vulnerabilities - An SQL-injection vulnerability - A security-bypass vulnerability An attacker can exploit these...
LineWeb 1.0.5 - Multiple Remote Vulnerabilities
source: https://www.securityfocus.com/bid/37613/info LineWeb is prone to multiple remote vulnerabilities: - Multiple local file-include vulnerabilities - An SQL-injection vulnerability - A security-bypass vulnerability An attacker can exploit these issues to execute arbitrary local files within t...
Joomla! / Mambo Component Multiple Parameter Local File Include Vulnerabilities
The remote host contains a component for Joomla! or Mambo that fails to sanitize user-supplied input to multiple parameters in a GET request before using it to include PHP code. Regardless of the PHP 'register_globals' setting, an unauthenticated, remote attacker can exploit this issue to disclose...
AdaptBB 1.0 RFI Vulnerability
No description provided by source.
Weatimages Directory Traversal and LFI Vulnerabilities
No description provided by source. Weatimages Directory Traversal & Local File Include Vulnerabilities By: e.wiZz! Script info: Site: http://nazarkin.name/projects/weatimages/download.php In the wild... index.php: ... //kill oneself if user trying to access resource with '/../' in path if...