7 matches found
PAJAX < 0.5.2 Multiple Vulnerabilities
The remote host is running PAJAX, a PHP library for remote asynchronous objects in JavaScript. The version of PAJAX installed on the remote host fails to validate input to the 'pajax/pajaxcalldispatcher.php' script before using it in a PHP 'eval' function. An unauthenticated attacker can exploit...
CVE-2006-1789
Directory traversal vulnerability in pajaxcalldispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to read arbitrary files via the $className variable...
Directory traversal
Directory traversal vulnerability in pajaxcalldispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to read arbitrary files via the $className variable...
CVE-2006-1551
PAJAX
CVE-2006-1789
Directory traversal vulnerability in pajaxcalldispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to read arbitrary files via the $className variable...
CVE-2006-1551
Eval injection vulnerability in pajaxcalldispatcher.php in PAJAX 0.5.1 and earlier allows remote attackers to execute arbitrary code via the 1 $method and 2 $args parameters...
CVE-2006-1789
PAJAX 0.5.1 and earlier expose a directory traversal vulnerability in pajax_call_dispatcher.php that lets an unauthenticated attacker read arbitrary files via the $className variable. This issue is corroborated across multiple sources (NVD/Nessus, CVE-2006-1789). The Nessus plugin explicitly grou...