EUVD-2007-1155

Malware in sbrugna...

Pagesetter 6.2/6.3.0 index.PHP Local File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/22733/info Pagesetter is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts...

SA-20070226-0.txt

SEC Consult Security Advisory 20070226-0 ======================================================================= title: File Disclosure in Pagesetter for PostNuke program: Pagesetter page creation module vulnerable version: 6.2.0 6.3.0 beta 5 impact: high homepage: http://www.elfisk.dk found:...

CVE-2007-1158

Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 through 6.3.0 beta 5 module for PostNuke allows remote attackers to read arbitrary files via a .. dot dot in the id parameter...

Directory traversal

Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 through 6.3.0 beta 5 module for PostNuke allows remote attackers to read arbitrary files via a .. dot dot in the id parameter...

CVE-2007-1158

Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 through 6.3.0 beta 5 module for PostNuke allows remote attackers to read arbitrary files via a .. dot dot in the id parameter...

CVE-2007-1158

Directory traversal vulnerability in index.php in the Pagesetter 6.2.0 through 6.3.0 beta 5 module for PostNuke allows remote attackers to read arbitrary files via a .. dot dot in the id parameter...

CVE-2007-1158

The CVE-2007-1158 entry refers to a directory traversal in the Pagesetter 6.2.0 through 6.3.0 beta 5 module for PostNuke, via the id parameter in index.php, allowing remote attackers to read arbitrary files using .. traversal. The provided documents give the affected software and the vulnerabilit...

Pagesetter for PostNuke index.php id Parameter Traversal Arbitrary File Access

The third-party Pagesetter module for PostNuke installed on the remote host fails to sanitize input to the 'id' parameter before using it to display a file in the function 'pagesetterfilepreview' of the script 'pnfile.php'. An unauthenticated attacker can exploit this issue to view arbitrary file...

[Full-disclosure] SEC Consult SA-20070226-0 :: File Disclosure in Pagesetter for PostNuke

SEC Consult Security Advisory 20070226-0 ======================================================================= title: File Disclosure in Pagesetter for PostNuke program: Pagesetter page creation module vulnerable version: 6.2.0 6.3.0 beta 5 impact: high homepage: http://www.elfisk.dk found:...

Pagesetter 6.26.3.0 - index.php Local File Inclusion

Pagesetter 6.26.3.0 - index.php Local File Inclusion source: https://www.securityfocus.com/bid/22733/info Pagesetter is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and...

Pagesetter 6.2/6.3.0 - 'index.php' Local File Inclusion

source: https://www.securityfocus.com/bid/22733/info Pagesetter is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. Exploiting this issue may allow an unauthorized user to view files and execute local scripts. Pagesetter 6.3.0 beta 5 and prior...