9 matches found
CVE-2020-36542
A vulnerability classified as critical has been found in Demokratian. This affects an unknown part of the file install/install3.php. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is...
CVE-2020-36542
A vulnerability classified as critical has been found in Demokratian. This affects an unknown part of the file install/install3.php. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is...
Design/Logic Flaw
A vulnerability classified as critical has been found in Demokratian. This affects an unknown part of the file install/install3.php. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is...
Demokratian 安全漏洞
Demokratian is a Demokratian open source web application for voting in a simple and secure way. A security vulnerability exists in Demokratian, which originates in the install/install3.php file and can lead to privilege escalation...
CVE-2020-36542
The CVE-2020-36542 entry concerns Demokratian, affecting an unknown part of the file install/install3.php. The vulnerability is described as critical and leads to privilege escalation. It is stated that the attack could be initiated remotely and that the exploit has been disclosed publicly. A pat...
CVE-2020-36542 Demokratian install3.php privileges management
A vulnerability classified as critical has been found in Demokratian. This affects an unknown part of the file install/install3.php. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is...
CVE-2011-3816
WEBinsta mailing list manager 1.3e allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by install/install3.php and certain other files...
WEBinsta Mailing List Manager Install3.PHP远程文件包含漏洞
WEBinsta Mailing List Manager是一款基于PHP的邮件列表程序. WEBinsta Mailing List Manager不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞以WEB进程权限执行任意命令。 问题是'install3.php'脚本对用户提交的'cabsolutepath'参数缺少过滤,提交恶意的远程服务器作为包含对象,可导致以WEB进程权限执行任意PHP代码。 WEBInsta WEBinsta Mailing List Manager 1.3.e http://www.tonybibbs.com/index.php?topic=MVCnPHP...
webinsta.txt
+-------------------------------------------------------------------- + + WEBInsta Mailing list manager cabsolutepath 1.3e RFI + + Original advisory: + http://www.bb-pcsecurity.de/Websecurity/311/org/+ WEBInstaMailinglistmanagercabsolutepath1.3eRFI.htm +...