8851 matches found
PYSEC-2009-11
The rst parser parser/textrst.py in MoinMoin 1.6.1 does not check the ACL of an included page, which allows attackers to read unauthorized include files via unknown vectors...
PT-2009-2018 · Moinmoin · Moinmoin
Name of the Vulnerable Software and Affected Versions: MoinMoin version 1.6.1 Description: The issue concerns the rst parser in MoinMoin, which fails to check the ACL of an included page. This allows attackers to read unauthorized include files via unknown vectors. Recommendations: For MoinMoin...
Acute Control Panel SQL Injection Vulnerability and Remote File Include Vulnerability
Acute Control Panel is prone to multiple input-validation vulnerabilities, including an SQL-injection issue and multiple remote file-include issues. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective...
php.ini way anti-injection or hung it - vulnerability warning - the black bar safety net
Over the past two days I have been studying phpIDS. To use it: on any page you want to protect against attack, include the attack-prevention file at the top of the page, just like a general anti-injection file. There are three ways to do that: 1. Reference it within each file. Such a...
Acute Control Panel 1.0.0 RFI / SQL Injection
Acute Control Panel 1.0.0 RFI/SQL Injection Auth Bypass. Discovered By SirGod. www.mortal-team.org, www.h4cky0u.org. Remote File Inclusion: Vulnerable code in container.php...
phpMyAdmin BLOB Streaming Multiple Input Validation Vulnerabilities
phpMyAdmin is prone to multiple input-validation vulnerabilities, including an HTTP response-splitting vulnerability and a local file-include vulnerability.
openSUSE 10 Security Update : horde (horde-6099)
Version update to horde 3.1.9 fixes a cross-site-scripting (XSS) issue (CVE-2008-5917) and an include file problem (CVE-2009-0932). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update horde-6099. The te...
Immunity Canvas: PHPLINKADMIN_RFI
Name | phplinkadminrfi
---|---
CVE | CVE-2009-1025
Exploit Pack | CANVAS
Description | PHPLinkAdmin Remote File Include
Notes | CVSS: 7.5 Repeatability: Infinite VENDOR: Beerwin CVE Url: https://vulners.com/cve/CVE-2009-1025 CVE Name: CVE-2009-1025...
Immunity Canvas: JOOMLATREEG_RFI
Name | joomlatreegrfi
---|---
CVE | CVE-2008-6482
Exploit Pack | CANVAS
Description | Joomla comtreeg Remote File Include
Notes | CVSS: 6.8 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-6482 CVE Name: CVE-2008-6482...
Immunity Canvas: JOOMLAGOOGLEBASE_RFI
Name | joomlagooglebaserfi
---|---
CVE | CVE-2008-6483
Exploit Pack | CANVAS
Description | Joomla comgooglebase Remote File Include
Notes | CVSS: 7.5 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-6483 CVE Name: CVE-2008-6483...
Beerwin's PhpLinkAdmin Remote File Include and Multiple SQL Injection Vulnerabilities
Beerwin's PhpLinkAdmin is prone to multiple input-validation vulnerabilities, including a remote file-include issue and multiple SQL-injection issues. A successful exploit may allow an attacker to execute malicious code within the context of the webserver process, compromise the application, acce...
Beerwin's PhpLinkAdmin <= 1.0 Multiple Vulnerabilities - Active Check
Beerwin SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.100058";...
Cryptographp 'index.php' Local File Include Vulnerability
Cryptographp is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input.
PassWiki 'site_id' Parameter Local File Include Vulnerability
PassWiki is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue allows remote attackers to view local files within the context of the webserver process. PassWiki 0.9.17 and prior versions are vulnerable. OpenVAS Vulnerabilit...
e-Vision CMS Multiple Local File Include Vulnerabilities
e-Vision CMS is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view local files and execute local scripts within the context of the webserver process...
Yap Blog 'index.php' Remote File Include Vulnerability
Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Versions prior to Yap Blog 1.1.1 are...
Dagger RFI Vulnerability (Mar 2009) - Active Check
Dagger is prone to a remote file include (RFI) vulnerability because it fails to sufficiently sanitize user-supplied data.
Microsoft IIS MS03-018 Security Check
A Cross-Site Scripting (XSS) vulnerability affecting IIS 4.0, 5.0 and 5.1 involving the error message that SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
BlindBlog Multiple Local File Include and SQL Injection Vulnerabilities
BlindBlog is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...
OneOrZero Helpdesk 'login.php' Local File Include Vulnerability
OneOrZero Helpdesk is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. OneOrZero...