857 matches found
3KITS CMS - SQL Injection Vulnerability
========================================================= + Title :- 3KITS CMS - SQL Injection Vulnerability + Date :- 23 - July - 2015 + Vendor Homepage :- http://www.3kits.com/ + Version :- All Versions + Tested on :- Nginx/1.4.5, PHP/5.2.17, Linux - Windows + Category :- webapps + Google Dorks...
Thomson Reuters FATCA v5.1.0.30 - Local File Inclusion Vulnerability
Exploit for hardware platform in category web applications Title: Thomson Reuters FATCA - Local File Inclusion Author: Jakub Pałaczyński Date: 10. June 2015 CVE: CVE-2015-5952 Affected software: ================== All versions of Thomson Reuters FATCA below v5.2 Exploit was tested on:...
WordPress GD bbPress Attachments 2.1 Cross Site Scripting / Local File Inclusion Vulnerabilities
WordPress GD bbPress Attachments plugin version 2.1 suffers from a cross site scripting and Local File Inclusion Vulnerabilities Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report:...
WordPress GD bbPress Attachments 2.1 Local File Inclusion
Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report: https://security.dxw.com/advisories/local-file-include-vulnerability-in-gd-bbpress-attachments-allows-attackers-to-include-arbitrary-php-files/ CV...
ZenPhoto 1.4.8 - Multiple Vulnerabilities
ZenPhoto version 1.4.8 suffers from cross site scripting, remote SQL injection, and path traversal vulnerabilities. Vulnerability: SQL Injection, Reflected XSS, Path Traversal Affected Software: ZenPhoto http://www.zenphoto.org/ Affected Version: 1.4.8 probably also prior versions Patched Version...
CVE-2015-4153
Directory traversal vulnerability in the zM Ajax Login & Register plugin before 1.1.0 for WordPress allows remote attackers to include and execute arbitrary php files via a relative path in the template parameter in a loadtemplate action to wp-admin/admin-ajax.php...
Sqlbuddy Path Traversal Vulnerability
Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org/ Vendor Homepage: www.sqlbuddy.com Version: 1.3.3 SQL Buddy is an open source web based MySQL administration application. Advisory Information: ================== sqlbuddy suffers from directory traversal whereby a user can mov...
Design/Logic Flaw
The fetchView function in the MageCoreBlockTemplateZend class in Magento Community Edition CE 1.9.1.0 and Enterprise Edition EE 1.14.1.0 does not restrict the stream wrapper used in a template path, which allows remote administrators to include and execute arbitrary PHP files via the phar:// stre...
Directory traversal
Multiple directory traversal vulnerabilities in Magento Community Edition CE 1.9.1.0 and Enterprise Edition EE 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via 1 .. dot dot sequences in the PATHINFO to index.php or 2 vectors involving a block value in the...
CVE-2015-1398
Multiple directory traversal vulnerabilities in Magento Community Edition CE 1.9.1.0 and Enterprise Edition EE 1.14.1.0 allow remote authenticated users to include and execute certain PHP files via 1 .. dot dot sequences in the PATHINFO to index.php or 2 vectors involving a block value in the...
CVE-2015-1398
Magento CE 1.9.1.0 and EE 1.14.1.0 are affected by multiple directory traversal vulnerabilities. An authenticated remote attacker can include and execute PHP files via (1) .. sequences in PATH_INFO to index.php, and (2) the ___directive parameter in Cms_Wysiwyg (Adminhtml) related to blockDirecti...
CVE-2015-3458
The fetchView function in the MageCoreBlockTemplateZend class in Magento Community Edition CE 1.9.1.0 and Enterprise Edition EE 1.14.1.0 does not restrict the stream wrapper used in a template path, which allows remote administrators to include and execute arbitrary PHP files via the phar:// stre...
Berta CMS File Upload Bypass Vulnerability
Exploit for php platform in category web applications Berta CMS is a web based content management system using PHP and local file storage. http://www.berta.me/ Due to use of a 3rd party Berta CMS website to redirect links within a phishing email brought to our attention we checked the file upload...
DES exposure checker - Arbitary File Download Vulnerability
DES exposure checker is a free web application, used to see how real DES images look. This vulnerability allow kind of user can to download a file from the distant server, like PHP files, TXT file, etc. Theory : http://SERVER/getImage.php?name=FILE.EXT Example :...
Facebook Open Redirect
Facebook Old Generated URLs Still Vulnerable to Open Redirect Attacks & A New Open Redirect Security Vulnerability Domain: http://www.facebook.com Discover: Wang Jing, School of Physical and Mathematical Sciences SPMS, Nanyang Technological University NTU, Singapore...
TYPO3 Extension ke_dompdf 0.0.3 Remote Code Execution Vulnerability
The TYPO3 extension kedompdf contains a version of the dompdf library including all files originally supplied with it. This includes an examples page, which contains different examples for HTML-entities rendered as a PDF. This page also allows users to enter their own HTML code into a text box to...
CVE-2012-0939
Multiple SQL injection vulnerabilities in TestLink 1.8.5b and earlier allow remote authenticated users with the Requirement view permission to execute arbitrary SQL commands via the reqspecid parameter to 1 reqSpecAnalyse.php, 2 reqSpecPrint.php, or 3 reqSpecView.php in requirements/. NOTE: some ...
VisNetic WebMail 5.8.6 .6 Information Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8018/info VisNetic WebMail is prone to an information disclosure vulnerability. Reportedly, by appending a dot '.' character to the end of a URI request to WebMail, the source code of PHP files may be returned in the web...
Mail Manage EX 3.1.8 MMEX Script Settings Parameter Remote PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10457/info Mail Manage EX is reportedly prone to a remote file include vulnerability. This vulnerability results from insufficient sanitization of user-supplied data and may allow remote attackers to include arbitrary PHP...
IAPR COMMENCE 1.3 - Multiple Remote File Inclusion Vulnerability
No description provided by source. iaprcommence 1.3 RFI --------------------- Author : ShAy6oOoN --------------------- Group : PitBull Crew --------------------- Script : iaprcommence 1.3 --------------------- Download :...