News Script PHP Pro Cross-Site Request Forgery Vulnerability

News Script PHP Pro is a PHP/MySQL based web script from Simple PHP Scripts for displaying news on your website. A cross-site request forgery vulnerability exists in News Script PHP Pro 2.3. An attacker can exploit this vulnerability to add new users...

68KB 1.0.0rc4 - Remote File Inclusion

==================================================== 68KB v1.0.0rc4 Remote File Include Vulnerability ==================================================== Vendor: http://68kb.com download: http://github.com/68designs/68KB/downloads Author: eidelweiss Contact: g1xsystematwindowslive.com Original...

RE: [NOBYTES.COM: #6] CubeCart 2.0.6 - Information Disclosure

Hello, http://www.victimsite.com/index.php?&language=f00bar.php Warning: Failed opening '/var/www/html/admin/lang/f00bar.php' for inclusion includepath='.:/usr/share/pear' in /var/www/html/admin/settings.inc.php on line 147 This is path disclosure but it can also be used for malicious file includ...