Yap Blog 'index.php' Remote File Include Vulnerability
Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Versions prior to Yap Blog 1.1.1 are...
Microsoft IIS MS03-018 Security Check
A Cross-Site Scripting (XSS) vulnerability affecting IIS 4.0, 5.0 and 5.1 involving the error message that SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Dagger RFI Vulnerability (Mar 2009) - Active Check
Dagger is prone to a remote file include (RFI) vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
BlindBlog Multiple Local File Include and SQL Injection Vulnerabilities
BlindBlog is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...
OneOrZero Helpdesk 'login.php' Local File Include Vulnerability
OneOrZero Helpdesk is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. OneOrZero...
Golabi CMS 'index_logged.php' Remote File Include Vulnerability
Golabi CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue can allow an attacker to compromise the application and the underlying computer; other attacks are also possible. OpenVAS Vulnerability Test $Id:...
OneOrZero Helpdesk <= 1.6.5.7 LFI Vulnerability - Active Check
OneOrZero Helpdesk is prone to a local file include (LFI) vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
Golabi CMS RFI Vulnerability (Mar 2009) - Active Check
Golabi CMS is prone to a remote file include (RFI) vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s)...
GhostScripter Amazon Shop Multiple Vulnerabilities (Mar 2009) - Active Check
Amazon Shop is prone to multiple vulnerabilities, including a cross-site scripting issue, a directory-traversal issue, and multiple remote file-include issues, because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be...
Wili-CMS <= 0.4.0 LFI/RFI/Authentication Bypass Vulnerability - Active Check
Wili-CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Apache Httpd < 2.2.12 : AllowOverride Options handling bypass
A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended...
Zabbix Web Interface extlang[] Parameter Remote Code Execution
The remote web server hosts a version of the Zabbix web interface that is affected by a remote code execution vulnerability. The vulnerability involves the 'extlang' parameter of the 'locales.php' script. Provided PHP's 'magic_quotes_gpc' setting is disabled, an unauthenticated, remote attacker can...
Joomla/Mambo Component eXtplorer Code Execution Vulnerability
No description provided by source. INTERNET SECURITY AUDITORS ALERT 2009-002 - Original release date: January 7th, 2009 - Last revised: March 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored...
Immunity Canvas: JOOMLATIMESHEET_RFI
Name| joomlatimesheetrfi
---|---
CVE| CVE-2008-6347
Exploit Pack| CANVAS
Description| Joomla comongumatimesheet20 Remote File Include
Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-6347 CVE Name: CVE-2008-6347...
Demium CMS Multiple Local File Include and SQL Injection Vulnerabilities
Demium CMS is prone to multiple local file-include vulnerabilities and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute arbitrary local file...
Demium CMS <= 0.2.1b Multiple Vulnerabilities - Active Check
Demium CMS is prone to multiple local file include and SQL injection (SQLi) vulnerabilities because it fails to properly sanitize user supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective...
CVE-2008-6308
Multiple directory traversal vulnerabilities in Private Messaging System (PMS) 1.2.3 and earlier for PunBB allow remote attackers to include and execute arbitrary files via a .. (dot dot) in the punuserlanguage parameter to (1) functionsnavlinks.php, (2) headernewmessages.php, (3) profilesend.php, and (4)...
Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/33931/info Irokez Blog is prone to multiple input-validation vulnerabilities: - A cross-site scripting issue - An SQL-injection issue - Multiple remote file-include issues Exploiting these...
irokez blog 0.7.3.2 - Cross-Site Scripting Remote File Inclusion Blind SQL Injection
Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS...
Irokez BLog 0.7.3.2 (XSS/RFI/BSQL) Multiple Remote Vulnerabilities
Exploit for unknown platform in category web applications...