DM FileManager 3.9.4 Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ======================================================== DM FileManager 3.9.4 Remote File Inclusion Vulnerability ======================================================== + DM FileManager 3.9.4 Remote File Include Vulnerability + Author :...

DM FileManager 3.9.2 - Authentication Bypass

DM FileManager 3.9.2 - Authentication Bypass -------------------------AllaH AkbaR------------------------------- dm-filemanager Auth Bypass Remote Sql Injection --------------------------------------------------------------------------- Discovered By: Snakespc ALGERIAN HaCkEr Mail:...

Unfixed XSS vulnerability at www.monkeyroyale.com

Security researcher Sasi Levi, has submitted on 02/05/2009 a cross-site-scripting XSS vulnerability affecting www.monkeyroyale.com, which at the time of submission ranked 331888 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 30/06/2009. It is...

Mozilla XBM decoder information disclosure

The XBM decoder in Mozilla Firefox before 2.0.0.17 and SeaMonkey before 1.1.12 allows remote attackers to read uninitialized memory, and possibly obtain sensitive information in opportunistic circumstances, via a crafted XBM image file...

security flaw

Mozilla Firefox before 2.0.0.8 and SeaMonkey before 1.1.5, when running on Linux systems with gnome-vfs support, might allow remote attackers to read arbitrary files on SSH/sftp servers that accept key authentication by creating a web page on the target server, in which the web page contains URIs...

Directory traversal

Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the adminskin parameter...

CVE-2007-2105

Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the adminskin parameter...

CVE-2007-2105

CVE-2007-2105 affects Monkey CMS 0.0.3. The vulnerability is a directory traversal in admin/index.php that lets an attacker cause local-file inclusion and execution by supplying … in the admin_skin parameter, enabling arbitrary code execution on the server. The NVD entry reports a CVSS v2 base sc...

CVE-2007-2105

Directory traversal vulnerability in admin/index.php in Monkey CMS 0.0.3 allows remote attackers to include and execute arbitrary local files via a .. dot dot in the adminskin parameter...

monkeycms-rfi.txt

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...

Monkey CMS v0.0.3 Remote File Include Vulnerabilitiy

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...

security flaw

The child frames in Mozilla Firefox before 1.5.0.10 and 2.x before 2.0.0.2, and SeaMonkey before 1.0.8 inherit the default charset from the parent window, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...

CVE-2006-6113

Monkey Boards 0.3.5 allows remote attackers to obtain sensitive information via direct requests to 1 include/adminauth.inc.php and 2 include/engine/class.compiler.php, which reveals the full path in an error message. NOTE: this issue is only an exposure if the administrator has changed the defaul...

CVE-2006-6113

Monkey Boards 0.3.5 allows remote attackers to obtain sensitive information via direct requests to 1 include/adminauth.inc.php and 2 include/engine/class.compiler.php, which reveals the full path in an error message. NOTE: this issue is only an exposure if the administrator has changed the defaul...

CVE-2006-6113

Monkey Boards 0.3.5 and earlier are affected by path-disclosure flaws in include/admin_auth.inc.php and include/engine/class.compiler.php, which allow remote disclosure of the true server script path via error messages. The issue is exploitable remotely if an administrator has changed the default...

CVE-2002-2154

CVE-2002-2154 describes a directory traversal vulnerability in the web server component Monkey HTTP Daemon 0.1.4. Remote attackers can read arbitrary files by using dot-dot sequences in the request path. The problem is documented across multiple feeds (NVD, Red Hat advisories, CVE listings) with ...

CVE-2002-2154

Directory traversal vulnerability in Monkey HTTP Daemon 0.1.4 allows remote attackers to read arbitrary files via .. dot dot sequences...

Monkey HTTP Server <= 0.5.0 DoS Vulnerability

Monkey HTTP Server is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2003 Michel Arboi Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2002-1852

CVE-2002-1852 describes a cross-site scripting (XSS) vulnerability in Monkey 0.5.0. The issue allows remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) a parameter to test2.pl. Connected documents confirm the affected product and the general impact, but do not provide ...

CVE-2002-1852

Cross-site scripting XSS vulnerability in Monkey 0.5.0 allows remote attackers to inject arbitrary web script or HTML via 1 the URL or 2 a parameter to test2.pl...