1408 matches found
Gallery: Arbitrary command execution
Background Gallery is a PHP script for maintaining online photo albums. Description The upload handling code in Gallery places uploaded files in a temporary directory. After 30 seconds, these files are deleted if they are not valid images. However, since the file exists for 30 seconds, a carefull...
Bugs fixed in Version 1.4.3
In-Reply-To: [email protected] B. Unspecified File Download Vulnerability B1. An error in the MyDMS software allows to a registered users and only to registered users to download any file, such as /etc/passwd, by inserting in a parameter a text such as...
Plesk Reloaded login_up.php3 login_name Parameter XSS
The remote host is running Plesk Reloaded from SWsoft, a web-based system administration tool. The remote version of this software is vulnerable to a cross-site scripting attack because of its failure to sanitize user input to the 'loginname' parameter of the 'loginup.php3' script. This issue can...
BasiliX login.php3 username Variable Arbitrary Command Execution
The remote host appears to be running a version of BasiliX between 1.0.2beta or 1.0.3beta. In such versions, the script 'login.php3' fails to sanitize user input, which enables a remote attacker to pass in a specially crafted value for the parameter 'username' with arbitrary commands to be execut...
wpquiz.txt
Ok so here is what I found Authors website wireplastik.com currently down php script I found exploit in wpquiz version 2.60b8 also tested on 2.60b 1-7 Exploit: by default wpquiz comes with a folder called extras. This folder is not password protected nor does it require any sort of authentication...
phpBB 2.0.x - 'viewtopic.php' PHP Script Injection
source: https://www.securityfocus.com/bid/10701/info The 'viewtopic.php' phpBB script is prone to a remote PHP script injection vulnerability because the application fails to properly sanitize user-supplied URI parameters before using them to construct dynamically generated web pages. Exploiting...
YaPiG 0.92 - Remote Server-Side Script Execution
source: https://www.securityfocus.com/bid/10891/info A vulnerability is reported to exist in YaPiG that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack if sanitization of user-supplied data. It is reported that an attacker may be ab...
centreVuln.txt
Summary: www.miller-group.net The Miller Group, Inc. announces the release of Centre, a free student information system for public and non-public schools. Centre is a web-based, open source, student management product with features that include scheduling, grade book, attendance, eligibility,...
artmedic_links5 PHP Script (include path) vuln
There's a possilbity of looking at files with apache priviliges using artmediclinks5 php script. http://www.artmedic-phpscripts.de/artmediclinks.php. Vulnerability include path is in index.php, standard use: hostname/artmediclinks5/index.php?id=file or index.php?id=url I noticed there's a lot of...
DSA-516 postgresql - buffer overflow
Bulletin has no description...
Invision Power Board index.php pop Parameter XSS
There is a bug in the version of Invision Power Board on the remote host that makes it vulnerable to cross-site scripting attacks. An attacker may exploit this issue to steal the credentials of legitimate users of this site. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
phpMyAdmin255pl1.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Arbitrary File Disclosure Vulnerability in phpMyAdmin 2.5.5-pl1 and prior Summary : phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the WWW. There is a vulnerability in the current stable version of phpMyAdmin...
Laurent Adda Les Commentaires 2.0 - PHP Script 'fonctions.lib.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system. All...
Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion
Laurent Adda Les Commentaires 2.0 - PHP Script admin.php Remote File Inclusion source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external...
Laurent Adda Les Commentaires 2.0 - PHP Script 'derniers_commentaires.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/9536/info It has been reported that Les Commentaires may be prone to a file include vulnerability in various modules, that may allow an attacker to include malicious external files containing arbitrary PHP code to be executed on a vulnerable system. All...
Andys PHP Projects Man Page Lookup Script - Information Disclosure
Andys PHP Projects Man Page Lookup Script - Information Disclosure source: https://www.securityfocus.com/bid/9395/info A problem in the handling of user-supplied input by Andy's PHP Projects Man Page Lookup script has been reported. Because of this, it is possible for an attacker to gain...
Invision Power Top Site List SQL Inection
Vendor : Invision Power Services URL : http://www.invisionpower.com Version : Invision Power Top Site List v1.1 / Risk : SQL Injection Vulnerability Description: Invision Power Top Site List is a flexible site ranking script written in PHP, the popular programming choice for web developers...
[UNIX] Land Down Under auth.php SQL Injection
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
CuteNews Debug Info Disclosure
There is a bug in the remote version of CuteNews that allows an attacker to obtain information from a call to the phpinfo PHP function such as the username of the user who installed php, if they are a SUDO user, the IP address of the host, the web server version, the system version unix / linux,...
Les Visiteurs v2.0.1 code injection vulnerability
Les Visiteurs is a great statistics script written in php. It gives you some graphicals informations on visitors of your website. This script was distributed by phpinfo.net but is no more maintained since a year. --------- In this version severals unprotected includes can be found in files: -...