1408 matches found
Netref 4.2 Cat_for_gen.PHP Remote PHP Script Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13275/info A remote PHP script injection vulnerability affects Netref. This issue is due to a failure of the application to sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary PHP script...
eXtreme File Hosting Arbitrary RAR File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/22498/info eXtreme File Hosting is prone to an arbitrary file-upload vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to upload and execute arbitra...
LoudBlog 0.41 podcast.php id Parameter SQL Injection
No description provided by source. source: http://www.securityfocus.com/bid/17023/info Loudblog is prone to multiple input-validation vulnerabilities: - An SQL-injection vulnerability. - Two local file-include vulnerabilities. - An information-disclosure vulnerability. These issues allow remote...
Benjamin Lefevre Dobermann Forum 0.x entete.php subpath Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker...
AWCM 2.1 - Local File Inclusion / Auth Bypass Vulnerabilities
No description provided by source. ---------------------------------AWCM v2.1 LFI/Auth Bypass Vulnerabilities--------------------------------------- ---------------------------------------------------------------------------------------------------------------- Script : AWCM version : v2.1...
Softbiz Web Host Directory Script (host_id) - SQL Injection Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV89$2008 ----------------------------------------------------------------------------------------- ECHOADV89$2008 Softbiz Web Host Directory Script searchresult.php hostid...
iDev Rentals 1.0 - Multiple Vulnerabilities
No description provided by source. Title: ====== iDev Rentals v1.0 - Multiple Web Vulnerabilities Date: ===== 2012-11-14 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=760 VL-ID: ===== 758 Common Vulnerability Scoring System: ==================================== 3.5...
AutoIndex PHP Script 2.2.1 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/25448/info AutoIndex PHP Script is prone a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the...
MagicScripts E-Store Kit-2 PayPal Edition Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12910/info MagicScripts E-Store Kit-2 PayPal Edition is prone to a remote file include vulnerability. Remote attackers could potentially exploit this issue to include a remote malicious PHP script. If the attacker is able...
AB Banner Exchange (index.php page) Local File Inclusion
No description provided by source. ----------------------------------------------------------- AB Banner Exchange index.php page Local file inclusion Bug discovered by Yakir Wizman Date 24/08/2012 Vendor Homepage - http://www.abscripts.com/ab-banner-exchange/ Demo -...
GuestBookPlus HTML Injection & Bypass Comments Limit
No description provided by source. ======================================================================= In the name of ALLAH ! ======================================================================= GuestBookPlus Script PHP HTML Injection Vuln...
Flax Article Manager 1.1 - Remote PHP Script Upload Vulnerability
No description provided by source. Flax Article Manager 1.1 Remote File Upload Vulnerability ---------------------------------------------------------- Discovered By: S.W.A.T. [email protected] Home: www.batlagh.com Script Page: http://www.clixint.com/products/articles Dork: Copyright 2006 © Fla...
creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit
No description provided by source. !/usr/bin/perl creLoaded = 6.15 HTMLAREA automated perl exploit hacked up by kaneda [email protected] Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. C...
PHP-Nuke 6.0 - Multiple Path Disclosure Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/6406/info Multiple path disclosure vulnerabilities have been discovered in PHP-Nuke. This issue occurs when requesting a PHP script that shouldn't be accessed directly. Exploiting this issue will cause the target server t...
W-Agora 4.2.1 - Multiple Arbitrary File Upload Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/23055/info w-Agora is prone to multiple arbitrary file-upload vulnerabilities. An attacker can exploit these vulnerabilities to upload PHP script code and execute it in the context of the webserver process. w-Agora 4.2.1 ...
Sugar Suite Open Source <= 4.2 (OptimisticLock) Remote Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? echo Sugar Suite Open Source = 4.2 \OptimisticLock!\ arbitrary remote inclusion exploit\r\n; echo by rgod [email protected]\r\n; echo site: http://retrogod.altervista.org\r\n\r\n; echo this is called the \five claws of...
Web Server Creator Web Portal 0.1 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6251/info The Web Server Creator Web Portal is prone to an issue which may allow attackers to include arbitrary files from a remote server. It is possible for remote attackers to influence the include path for the...
OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability
No description provided by source. ??php / OpenEMR 4.1.1 ofcuploadimage.php Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management...
Microsoft Internet Explorer 5.5/6.0 Spoofable File Extensions Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3597/info It is possible for a malicious webmaster, hosting files on an website, to spoof file extensions for users of Internet Explorer. For example, an .exe file can be made to look like a .txt or other seemingly harmle...
myphpPageTool 0.4.3 -1 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6744/info myphpPageTool is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in several PHP script files in the /doc/admin folder. Under some circumstance...