7 matches found
PEAR LiveUser < 0.16.8 - Arbitrary File Access
PEAR LiveUser Arbitrary File Access Vendor: Markus Wolff Product: PEAR LiveUser Version: options'cookie''name'; if strlen$cookieData deleteRememberCookie; $this-stack-pushLIVEUSERERRORCOOKIE, 'error', array, 'Wrong data in cookie store in LiveUser::readRememberMeCookie'; return false; $storeid =...
PEAR LiveUser 0.16.8 - Arbitrary File Access
PEAR LiveUser 0.16.8 - Arbitrary File Access PEAR LiveUser Arbitrary File Access Vendor: Markus Wolff Product: PEAR LiveUser Version: options'cookie''name'; if strlen$cookieData deleteRememberCookie; $this-stack-pushLIVEUSERERRORCOOKIE, 'error', array, 'Wrong data in cookie store in...
Campsite 'g_campsiteDir' Remote and Local File Inclusion Vulnerabilities
This host is running Campsite and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodcampsitemultvuln.nasl 5055 2017-01-20 14:08:39Z teissa $ Campsite 'gcampsiteDir' Remote and Local File Inclusion Vulnerabilities Authors: Sharath S Copyright: Copyright c 2009 SecPod,...
CVE-2006-0869
Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository PEAR LiveUser 0.16.8 and earlier allows remote attackers to determine file existence, and possibly delete arbitrary files with short pathnames or possibly read arbitrary file...
CVE-2006-0869
The CVE-2006-0869 entry concerns PEAR LiveUser before 0.16.9. A directory traversal flaw in the remember-me cookie handling (store_id) allows remote attackers to probe file existence and potentially read or delete arbitrary files on the server. Exploit details exist for PEAR LiveUser
CVE-2006-0869
Directory traversal vulnerability in the "remember me" feature in liveuser.php in PHP Extension and Application Repository PEAR LiveUser 0.16.8 and earlier allows remote attackers to determine file existence, and possibly delete arbitrary files with short pathnames or possibly read arbitrary file...
PEAR LiveUser File Access Vulnerabilities
GulfTech Security Research February 21, 2006 Vendor : Markus Wolff URL : http://pear.php.net/package/LiveUser/ Version : PEAR LiveUser = 0.16.8 Risk : Arbitrary File Access Description: LiveUser is a user authentication and permission management framework that is part of php's PEAR Library...