[DSECRG-08-020] RFI-LFI in PowerClan 1.14a

DSECRG-08-020 Digital Security Research Group DSecRG Advisory Application: PowerClan Versions Affected: 1.14a Vendor URL: http://www.powerscripts.org/ Bug: Remote/Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory: ..2008 Author:...

Quick Classifieds 1.0 - controlcenteruserSet.php3?DOCUMENT_ROOT Remote File Inclusion

Quick Classifieds 1.0 - controlcenteruserSet.php3?DOCUMENTROOT Remote File Inclusion source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issue...

DSECRG-08-021.txt

DSECRG-08-021 Digital Security Research Group DSecRG Advisory Application: PowerPHPBoard Versions Affected: 1.00b Vendor URL: http://www.powerscripts.org/ Bug: Multiple Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory: 24.03.2008...

Quick Classifieds 1.0 - styledefault.scheme.inc?DOCUMENT_ROOT Remote File Inclusion

Quick Classifieds 1.0 - styledefault.scheme.inc?DOCUMENTROOT Remote File Inclusion source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues...

Quick Classifieds 1.0 - 'controlpannel/alterTheme.php3?DOCUMENT_ROOT' Remote File Inclusion

source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Quick Classifieds 1.0 - 'controlcenter/manager.php3?DOCUMENT_ROOT' Remote File Inclusion

source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Quick Classifieds 1.0 - 'controlpannel/index.php3?DOCUMENT_ROOT' Remote File Inclusion

source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

Quick Classifieds 1.0 - 'controlpannel/createHomepage.php3?DOCUMENT_ROOT' Remote File Inclusion

source: https://www.securityfocus.com/bid/28417/info Quick Classifieds is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; othe...

[DSECRG-08-019] LFI in PowerBook 1.21

Hello, bugtraq. DSECRG-08-031 Digital Security Research Group DSecRG Advisory Application: PowerBook Versions Affected: 1.21 Vendor URL: http://www.powerscripts.org/ Bug: Local File Include Exploits: YES Reported: 01.02.2008 Vendor Response: none Solution: none Date of Public Advisory: ..2008...

Immunity Canvas: PHPAUCTION_INCLUDE

Name| phpauctioninclude ---|--- CVE| CVE-2008-1416 Exploit Pack| CANVAS Description| PHPauction GPL 2.51 Remote File include Notes| CVE Name: CVE-2008-1416 VENDOR: phpauction.net Repeatability: Infinite References: http://securityreason.com/exploitalert/3558 CVE Url:...

W-Agora 4.0 - delete_user.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - deleteuser.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

W-Agora 4.0 - delete_notes.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - deletenotes.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

W-Agora 4.0 - edit_forum.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - editforum.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

W-Agora 4.0 - reorder_forums.php?bn_dir_default Remote File Inclusion

W-Agora 4.0 - reorderforums.php?bndirdefault Remote File Inclusion source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to...

W-Agora 4.0 - 'add_user.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

Elastic Path 4.1 - '/manager/getImportFileRedirect.jsp?file' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-upload vulnerability. - A...

Elastic Path 4.1 - '/manager/FileManager.jsp?dir' Traversal Arbitrary Directory Listing

source: https://www.securityfocus.com/bid/28352/info Elastic Path is prone to multiple input-validation vulnerabilities because it fails to properly sanitize user-supplied input. These issues include: - A local file-include vulnerability. - An arbitrary file-upload vulnerability. - A...

W-Agora 4.0 - 'moderate_notes.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

W-Agora 4.0 - 'reorder_forums.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...

W-Agora 4.0 - 'create_forum.php?bn_dir_default' Remote File Inclusion

source: https://www.securityfocus.com/bid/28366/info w-Agora is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues may allow an attacker to compromise the application and the underlying system; other attacks...