Freeway 1.4.1.171 - '/templates/Freeway/boxes/whos_online.php?language' Traversal Local File Inclusion

source: https://www.securityfocus.com/bid/30731/info Freeway is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to view local files in the context of the...

navboard-lfixss.txt

┌┌─────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └─────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...

cyboards-rfilfixss.txt

┌┌─────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └─────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...

yapbb-rfi.txt

┌┌─────────────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └─────────────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable...

Meet#Web 0.8 - RegResource.class.php?root_path Remote File Inclusion

MeetWeb 0.8 - RegResource.class.php?rootpath Remote File Inclusion source: https://www.securityfocus.com/bid/30673/info MeetWeb is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

Freeway 1.4.1 - Multiple Input Validation Vulnerabilities

Freeway 1.4.1 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/30676/info Freeway is prone to multiple remote file-include and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Freeway 1.4.1.171 is affected; other...

Meet#Web 0.8 - RegForm.class.php?root_path Remote File Inclusion

MeetWeb 0.8 - RegForm.class.php?rootpath Remote File Inclusion source: https://www.securityfocus.com/bid/30673/info MeetWeb is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

Nortel Networks SRG V16 - modules.php?module Cross-Site Scripting

Nortel Networks SRG V16 - modules.php?module Cross-Site Scripting source: https://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using...

Freeway 1.4.1 - Multiple Input Validation Vulnerabilities

source: https://www.securityfocus.com/bid/30676/info Freeway is prone to multiple remote file-include and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. Freeway 1.4.1.171 is affected; other versions may also be vulnerable. 1. Multiple Remote/Local...

Nortel Networks SRG V16 - 'modules.php?module' Traversal Local File Inclusion

source: https://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execute local script code in the contex...

Nortel Networks SRG V16 - 'modules.php?module' Cross-Site Scripting

source: https://www.securityfocus.com/bid/30687/info Navboard is prone to multiple local file-include vulnerabilities and a cross-site scripting vulnerability. An attacker can exploit the local file-include vulnerability using directory-traversal strings to execute local script code in the contex...

Datafeed Studio - 'patch.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/30659/info Datafeed Studio is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in th...

Gallery 1.5.7, 1.6-alpha3 (phpEx) Local File Inclusion Vulnerability

No description provided by source. Digital Security Research Group DSecRG Advisory DSECRG-08-035 Application: Gallery Versions Affected: 1.5.7, 1.6-alpha3 Vendor URL: http://gallery.menalto.com/ Bug: Local File Include Exploits: YES Reported: 14.07.2008 Vendor response: 15.07.2008 Solution: YES...

txtSQL 2.2 Final (startup.php) Remote File Inclusion Vulnerability

No description provided by source. ┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rise...

DSECRG-08-035.txt

Digital Security Research Group DSecRG Advisory DSECRG-08-035 Application: Gallery Versions Affected: 1.5.7, 1.6-alpha3 Vendor URL: http://gallery.menalto.com/ Bug: Local File Include Exploits: YES Reported: 14.07.2008 Vendor response: 15.07.2008 Solution: YES Date of Public Advisory: 08.08.2008...

txtsql-rfi.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

linkspider-rfi.txt

============================================================= Linkspider v.1.08 Remote File Include Vulnerability ============================================================== App Name : Linkspider v.1.08 HomePage : http://www.phoenix.frihost.net/linkspider/readme.php Vulnerability Discovered by...

Directory traversal

Directory traversal vulnerability in the usergetprofile function in include/functions.inc.php in Coppermine Photo Gallery CPG 1.4.18 and earlier, when the charset is utf-8, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the lang part of serialized data in...

quatecms-lfixss.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

Quate CMS 0.3.4 (LFI/XSS) Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ========================================================= Quate CMS 0.3.4 LFI/XSS Multiple Remote Vulnerabilities =========================================================...