GuppY 4.5 - dbbatch.php?lng Traversal Arbitrary File Access

GuppY 4.5 - dbbatch.php?lng Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15610/info GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code that...

GuppY 4.5 - 'editorTypetool.php?meskin' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/15610/info GuppY is affected by multiple local file include and information disclosure vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code that resides on an affected computer with the privileges of the Web...

vTiger CRM 4.2 - SQL Injection

vTiger CRM 4.2 - SQL Injection source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML...

vTiger CRM 4.2 - SQL Injection

source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML injection, cross-site scripting...

vTiger CRM 4.2 RSS Aggregation Module - Feed Cross-Site Scripting

source: https://www.securityfocus.com/bid/15562/info vtiger CRM is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. vTiger CRM is prone to multiple SQL injection, HTML injection, cross-site scripting...

CVE-2004-2541

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...

CVE-2004-2541

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...

Mambo Open Source / Joomla! GLOBALS Variable Remote File Include

The version of Mambo Open Source or Joomla! running on the remote host is affected by a remote file include vulnerability due to allowing the the GLOBALS variable array to be overwritten whenever the PHP 'registerglobals' setting is disabled. An unauthenticated, remote attacker can exploit this...

CodeGrrl Applications Remote File Inclusion Vulnerabilities

The remote host appears to be running at least one of the PHP applications from CodeGrrl - PHPCalendar, PHPClique, PHPFanBase, or PHPQuotes. Under certain conditions, these applications fail to sanitize input to the 'siteurl' parameter of the 'protection.php' script before using it in a PHP...

XOOPS xoopsConfig[language] Parameter Local File Inclusion (XOOPS_WFd205_xpl)

The remote installation of XOOPS fails to sanitize user-supplied input to the 'xoopsConfiglanguage' parameter of several xoopseditor scripts before using it in PHP 'include' functions. An unauthenticated attacker may be able to leverage these issues to read arbitrary local files and even execute...

PHPWCMS 1.2.5 -DEV - imgdir Traversal Arbitrary File Access

PHPWCMS 1.2.5 -DEV - imgdir Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15436/info phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain...

PHPWCMS 1.2.5 -DEV - login.php?form_lang Traversal Arbitrary File Access

PHPWCMS 1.2.5 -DEV - login.php?formlang Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/15436/info phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issu...

PHPWCMS 1.2.5 -DEV - 'login.php?form_lang' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/15436/info phpWCMS is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker may leverage these issues to obtain sensitive information that may help with further attacks on...

iCMS Remote File Include Vulnerability

iCMS Remote File Include Vulnerability Author: r0t hackers.by.lv Date: 14. nov 2005 software:iCMS vendor:http://www.cogilent.com/ software description: iCMS is an interactive Web Content Management System. The purpose of this product is to facilitate organizations that require power solutions to...

PCCS-Mysql User/Password Exposure

It is possible to read the include file of PCCS-Mysql, dbconnect.inc on the remote server. This include file contains information such as the username and password used to connect to the database. OpenVAS Vulnerability Test $Id: pccsmysqladm.nasl 8023 2017-12-07 08:36:26Z teissa $ Description:...

PhpGroupWare unspecified remote file include vulnerability

The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

BlackBoard Internet Newsboard System remote file include flaw

The remote version of BlackBoard Internet Newsboard System is vulnerable to a remote file include flaw due to a lack of sanitization of user-supplied data. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Calendarix Advanced <= 1.5 Multiple Vulnerabilities - Active Check

Calendarix is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2005 Josh Zlatin-Amishav Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2005-3332

PHP remote file include vulnerability in admin/define.inc.php in Belchior Foundry vCard 2.9 allows remote attackers to execute arbitrary PHP code via the match parameter...

CVE-2005-3332

Vulnerability (CVE-2005-3332) in Belchior Foundry’s vCard 2.9: PHP remote file include in admin/define.inc.php allows an attacker to execute arbitrary PHP code via the match parameter. Multiple sources (NVD, Red Hat advisory, Nessus plugin) corroborate the flaw and impact. Affected software is th...