Lucene search
K

8856 matches found

OpenVAS
OpenVAS
added 2009/03/16 12:0 a.m.116 views

Yap Blog 'index.php' Remote File Include Vulnerability

Yap Blog is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible. Versions prior to Yap Blog 1.1.1 are...

6.8CVSS0.4AI score0.01652EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/03/16 12:0 a.m.32 views

Microsoft IIS MS03-018 Security Check

A Cross-Site ScriptingXSSvulnerability affecting IIS 4.0, 5.0 and 5.1 involving the error message that SPDX-FileCopyrightText: 2009 Christian Eric Edjenguele Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

10CVSS6.5AI score0.42575EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2009/03/16 12:0 a.m.35 views

Dagger RFI Vulnerability (Mar 2009) - Active Check

Dagger is prone to a remote file include RFI vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

6.8CVSS5.8AI score0.02031EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.37 views

BlindBlog Multiple Local File Include and SQL Injection Vulnerabilities

BlindBlog is prone to a local file-include vulnerability and multiple SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerability using directory-traversal strings to view and execute arbitrary local files...

0.3AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.18 views

OneOrZero Helpdesk 'login.php' Local File Include Vulnerability

OneOrZero Helpdesk is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. OneOrZero...

5CVSS6.3AI score0.06539EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.10 views

Golabi CMS 'index_logged.php' Remote File Include Vulnerability

Golabi CMS is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. Exploiting this issue can allow an attacker to compromise the application and the underlying computer; other attacks are also possible. OpenVAS Vulnerability Test $Id:...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.24 views

OneOrZero Helpdesk <= 1.6.5.7 LFI Vulnerability - Active Check

OneOrZero Helpdesk is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

5CVSS6.4AI score0.06539EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.20 views

Golabi CMS RFI Vulnerability (Mar 2009) - Active Check

Golabi CMS is prone to a remote file include RFI vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.13 views

GhostScripter Amazon Shop Multiple Vulnerabilities (Mar 2009) - Active Check

Amazon Shop is prone to multiple vulnerabilities, including a cross-site scripting issue, a directory-traversal issue, and multiple remote file-include issues, because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be...

6.7AI score
Exploits0References1
OpenVAS
OpenVAS
added 2009/03/10 12:0 a.m.21 views

Wili-CMS <= 0.4.0 LFI/RFI/Authentication Bypass Vulnerability - Active Check

Wili-CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.3AI score
Exploits0References1
Apache Httpd
Apache Httpd
added 2009/03/09 12:0 a.m.39 views

Apache Httpd < 2.2.12 : AllowOverride Options handling bypass

A flaw was found in the handling of the "Options" and "AllowOverride" directives. In configurations using the "AllowOverride" directive with certain "Options=" arguments, local users were not restricted from executing commands from a Server-Side-Include script as intended...

4.9CVSS2.1AI score0.01955EPSS
Exploits4Affected Software1
Tenable Nessus
Tenable Nessus
added 2009/03/07 12:0 a.m.25 views

Zabbix Web Interface extlang[] Parameter Remote Code Execution

The remote web server hosts a version of the Zabbix web interface that is affected by a remote code execution vulnerability. The vulnerability involves the 'extlang' parameter of the 'locales.php' script. Provided PHP's 'magicquotesgpc' setting is disabled, an unauthenticated, remote attacker can...

6.4AI score
Exploits0References2
seebug.org
seebug.org
added 2009/03/03 12:0 a.m.83 views

Joomla/Mambo Component eXtplorer Code Execution Vulnerability

No description provided by source. ============================================= INTERNET SECURITY AUDITORS ALERT 2009-002 - Original release date: January 7th, 2009 - Last revised: March 2nd, 2009 - Discovered by: Juan Galiana Lara - Severity: 9/10 CVSS scored...

7.1AI score
Exploits0
canvas
canvas
added 2009/03/02 4:30 p.m.32 views

Immunity Canvas: JOOMLATIMESHEET_RFI

Name| joomlatimesheetrfi ---|--- CVE| CVE-2008-6347 Exploit Pack| CANVAS Description| Joomla comongumatimesheet20 Remote File Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: Joomla CVE Url: https://vulners.com/cve/CVE-2008-6347 CVE Name: CVE-2008-6347...

7.5CVSS6.8AI score0.15177EPSS
Exploits2
OpenVAS
OpenVAS
added 2009/03/02 12:0 a.m.37 views

Demium CMS Multiple Local File Include and SQL Injection Vulnerabilities

Demium CMS is prone to multiple local file-include vulnerabilities and SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit the local file-include vulnerabilities using directory-traversal strings to view and execute arbitrary local file...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2009/03/02 12:0 a.m.18 views

Demium CMS <= 0.2.1b Multiple Vulnerabilities - Active Check

Demium CMS is prone to multiple local file include and SQL injection SQLi vulnerabilities because it fails to properly sanitize user supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

7.6AI score
Exploits0References1
Cvelist
Cvelist
added 2009/02/27 1:0 a.m.19 views

CVE-2008-6308

Multiple directory traversal vulnerabilities in Private Messaging System PMS 1.2.3 and earlier for PunBB allow remote attackers to include and execute arbitrary files via a .. dot dot in the punuserlanguage parameter to 1 functionsnavlinks.php, 2 headernewmessages.php, 3 profilesend.php, and 4...

7.4AI score0.02042EPSS
Exploits1References5
exploitpack
exploitpack
added 2009/02/27 12:0 a.m.9 views

Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities

Irokez Blog 0.7.3.2 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/33931/info Irokez Blog is prone to multiple input-validation vulnerabilities: - A cross-site scripting issue - An SQL-injection issue - Multiple remote file-include issues Exploiting these...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2009/02/27 12:0 a.m.14 views

irokez blog 0.7.3.2 - Cross-Site Scripting Remote File Inclusion Blind SQL Injection

irokez blog 0.7.3.2 - Cross-Site Scripting Remote File Inclusion Blind SQL Injection ================================================================================ || Irokez Blog BLIND SQL-INJECTION, INCLUDE, ACTIVE XSS...

Exploits0
0day.today
0day.today
added 2009/02/27 12:0 a.m.21 views

Irokez BLog 0.7.3.2 (XSS/RFI/BSQL) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ================================================================== Irokez BLog 0.7.3.2 XSS/RFI/BSQL Multiple Remote Vulnerabilities ==================================================================...

7.1AI score
Exploits0
Rows per page
Query Builder