7218 matches found
Gentoo Security Advisory GLSA 200407-22 (dev-db/phpmyadmin)
The remote host is missing updates announced in advisory GLSA 200407-22. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200412-27 (PHProjekt)
The remote host is missing updates announced in advisory GLSA 200412-27. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200805-04 (egroupware)
The remote host is missing updates announced in advisory GLSA 200805-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200412-27 (PHProjekt)
The remote host is missing updates announced in advisory GLSA 200412-27. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200805-04 (egroupware)
The remote host is missing updates announced in advisory GLSA 200805-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Zen Cart products_id[] Array SQL Injection
The installed version of Zen Cart does not validate user-supplied input to the 'products_id' parameter array of the 'index.php' script when 'action' is set to 'multipleproductsaddproduct' before using the keys in a database query in the 'incartmixed' function in 'includes/classes/shoppingcart.php'...
Moodle 'lib/kses.php' 'kses_bad_protocol_once' Function Arbitrary PHP Code Execution
The version of Moodle on the remote host includes a version of the KSES HTML filtering library that does not safely call 'preg_replace' in the function 'kses_bad_protocol_once' in 'lib/kses.php'. An unauthenticated, remote attacker can leverage this issue to inject arbitrary PHP code that will be...
FreeBSD Ports: phpbb
The remote host is missing an update to the system as announced in the referenced advisory. VID e3cf89f0-53da-11d9-92b7-ceadd4ac2edd OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright (c) 2008 E-Soft Inc...
CVE-2008-3769
PHP remote file inclusion vulnerability in admin/createordernew.php in Freeway 1.4.1.171, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the includepage parameter...
Sql injection
Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php...
CVE-2008-3764
Eval injection vulnerability in globalsoff.php in Turnkey PHP Live Helper 2.0.1 and earlier allows remote attackers to execute arbitrary PHP code via the test parameter, and probably arbitrary parameters, to chat.php...
CVE-2008-3721
PHP remote file inclusion vulnerability in userlanguage.php in DeeEmm CMS DMCMS 0.7.4 allows remote attackers to execute arbitrary PHP code via a URL in the languagedir parameter...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in CyBoards PHP Lite 1.21 allow remote attackers to execute arbitrary PHP code via a URL in the scriptpath parameter to 1 flatread.php, 2 post.php, 3 processpost.php, 4 processsearch.php, 5 forum.php, 6 processsubscribe.php, 7 read.php, 8...
YapBB 1.2 - class_yapbbcooker.php Remote File Inclusion
YapBB 1.2 - class_yapbbcooker.php Remote File Inclusion source: https://www.securityfocus.com/bid/30686/info YapBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
YapBB 1.2 - 'class_yapbbcooker.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/30686/info YapBB is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in the context ...
Datafeed Studio - patch.php Remote File Inclusion
Datafeed Studio - patch.php Remote File Inclusion source: https://www.securityfocus.com/bid/30659/info Datafeed Studio is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file...
Datafeed Studio - 'patch.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/30659/info Datafeed Studio is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing malicious PHP code and execute it in th...
CVE-2008-3575
PHP remote file inclusion vulnerability in modules/calendar/minicalendar.php in ezContents CMS allows remote attackers to execute arbitrary PHP code via a URL in the GLOBALSgsLanguage parameter, a different vector than CVE-2006-4477 and CVE-2004-0132...
e107 <= 0.7.11 Arbitrary Variable Overwriting Vulnerability
Exploit for unknown platform in category web applications =========================================================== e107 <= 0.7.11 Arbitrary Variable Overwriting Vulnerability =========================================================== GulfTech Security Research August 07, 2008 Vendor : Steve...
e107 < 0.7.11 - Arbitrary Variable Overwriting
GulfTech Security Research August 07, 2008 Vendor : Steve Dunstan URL : http://www.e107.org/ Version : e107 = 0.7.11 Risk : Arbitrary Variable Overwriting Description: e107 is a popular full featured content management system written in php. Unfortunately e107 suffers from an arbitrary variable...