EUVD-2008-0469

Malware in sbrugna...

Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability

No description provided by source. Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of file exploit :...

Directory traversal

Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the update parameter...

CVE-2008-0459

Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the update parameter...

CVE-2008-0459

CVE-2008-0459 affects Liquid-Silver CMS 0.35. A directory traversal flaw in update/index.php allows remote attackers to include and execute arbitrary local files via .. in the update parameter when magic_quotes_gpc is disabled. Root cause: inadequate input sanitization leading to local file inclu...

CVE-2008-0459

Directory traversal vulnerability in update/index.php in Liquid-Silver CMS 0.35, when magicquotesgpc is disabled, allows remote attackers to include and execute arbitrary local files via a .. dot dot in the update parameter...

Liquid-Silver CMS 'update/index.php'本地文件包含漏洞

BUGTRAQ ID: 27425 CNCAN ID:CNCAN-2008012403 Liquid-Silver CMS是一款基于PHP的WEB应用程序。 Liquid-Silver CMS不正确过滤用户提交的URI数据，远程攻击者可以利用漏洞以WEB权限查看系统文件内容。 问题是由于'update/index.php'脚本对用户提交的'update'参数处理缺少充分过滤，提交本地系统文件作为包含对象，可导致以WEB权限查看系统文件内容。 Liquid-Silver CMS Liquid-Silver CMS 0.3 目前没有详细解决方案提供：...

liquidsilver-lfi.txt

Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of file exploit : /Script/update/index.php?update=/nam...

Liquid-Silver CMS 0.1 (update) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= Liquid-Silver CMS 0.1 update Local File Inclusion Vulnerability ================================================================= Liquid-Silver CMS Local File Inclusion...

Liquid-Silver CMS 0.1 - update Local File Inclusion

Liquid-Silver CMS 0.1 - update Local File Inclusion Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of...

Liquid-Silver CMS 0.1 - 'update' Local File Inclusion

Liquid-Silver CMS Local File Inclusion Vulnerabilities http://sourceforge.net/project/showfiles.php?groupid=171166 author : Stack-Terrorist v40 foor read a php file ?update=name of file iwthout php for execute exploit does not write extention of file exploit : /Script/update/index.php?update=/nam...