EUVD-2009-1405

Malware in sbrugna...

NotFTP config.php本地文件包含漏洞

BUGTRAQ ID: 34636 CVECAN ID: CVE-2009-1407 NotFTP是用PHP编写的基于Web的HTTP-FTP网关。 NotFTP的config.php脚本没有正确地过滤用户所提交的参数，如果远程攻击者在提交的URL请求中使用newlang参数指定了本地系统的恶意文件的话，就可能在Web服务器上读取敏感信息或执行任意代码。以下是config.php脚本中的有漏洞代码段： if isset$newlang requireonce"lib/lang/".$languages$newlang"file"; elseif...

CVE-2009-1407

Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. dot dot in a certain languagesfile parameter...

Directory traversal

Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. dot dot in a certain languagesfile parameter...

CVE-2009-1407

Directory traversal vulnerability in config.php in NotFTP 1.3.1 allows remote attackers to read arbitrary files via a .. dot dot in a certain languagesfile parameter...

CVE-2009-1407

NotFTP 1.3.1 is affected by a directory traversal/Local File Inclusion in config.php. The script fails to properly filter user input in languages[][file] (and related language loading logic), allowing remote attackers to read arbitrary local files via crafted URLs (e.g., .. paths). The vulnerabil...

NotFTP 'config.php' Local File Include Vulnerability

NotFTP is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view and execute arbitrary local files in the context of the webserver process. This may aid in further attacks. NotFTP 1.3.1 is vulnerabl...

NotFTP Detection

This host is running NotFTP, a Web-based HTTP-FTP gateway written in PHP. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NotFTP Detection

This host is running NotFTP, a Web-based HTTP-FTP gateway written in PHP. OpenVAS Vulnerability Test $Id: notftpdetect.nasl 5737 2017-03-27 14:18:12Z cfi $ NotFTP Detection Authors: Michael Meyer Copyright: Copyright c 2009 Greenbone Networks GmbH This program is free software; you can redistribu...

NotFTP 'config.php' Local File Include Vulnerability

NotFTP is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

NotFTP 1.3.1 (newlang) Local File Inclusion Vulnerability

Exploit for unknown platform in category web applications ========================================================= NotFTP 1.3.1 newlang Local File Inclusion Vulnerability ========================================================= NotFTP 1.3.1 = Local file include...

NotFTP 1.3.1 - 'newlang' Local File Inclusion

NotFTP 1.3.1 = Local file include http://sourceforge.net/projects/notftp/ Author: Kacper Email: [email protected] Home: http://devilteam.pl/ DC++ Hub address: bluber-hub.no-ip.biz:2008 Vuln: File config.php: This is where we decide what language to use. Don't mess with this either. if...

NotFTP 1.3.1 (newlang) Local File Inclusion Vulnerability

No description provided by source. NotFTP 1.3.1 = Local file include http://sourceforge.net/projects/notftp/ Author: Kacper Email: [email protected] Home: http://devilteam.pl/ DC++ Hub address: bluber-hub.no-ip.biz:2008 Vuln: File config.php: This is where we decide what language to use. Don't...

NotFTP 1.3.1 Local File Inclusion

NotFTP 1.3.1 = Local file include http://sourceforge.net/projects/notftp/ Author: Kacper Email: [email protected] Home: http://devilteam.pl/ DC++ Hub address: bluber-hub.no-ip.biz:2008 Vuln: File config.php: This is where we decide what language to use. Don't mess with this either. if...

NotFTP 1.3.1 - newlang Local File Inclusion

NotFTP 1.3.1 - newlang Local File Inclusion NotFTP 1.3.1 = Local file include http://sourceforge.net/projects/notftp/ Author: Kacper Email: [email protected] Home: http://devilteam.pl/ DC++ Hub address: bluber-hub.no-ip.biz:2008 Vuln: File config.php: This is where we decide what language to us...