CVE-2008-4803

CVE-2008-4803 affects the Simple PHP Scripts Gallery (index.php) versions 0.1, 0.3 and 0.4. The vulnerability is a reflected XSS triggered through the gallery parameter, allowing an attacker to inject arbitrary script/HTML. The available documents do not provide remediation details or explicit ex...

Gentoo Security Advisory GLSA 200503-04 (phpwebsite)

The remote host is missing updates announced in advisory GLSA 200503-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200501-12 (tikiwiki)

The remote host is missing updates announced in advisory GLSA 200501-12. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200501-41 (tikiwiki)

The remote host is missing updates announced in advisory GLSA 200501-41. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200503-04 (phpwebsite)

The remote host is missing updates announced in advisory GLSA 200503-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200501-41 (tikiwiki)

The remote host is missing updates announced in advisory GLSA 200501-41. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Jaw Portal 1.2 - 'index.php' Multiple Local File Inclusions

source: https://www.securityfocus.com/bid/31099/info Jaw Portal is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using directory-traversal strings to execute arbitrary local PHP scripts...

Jaw Portal 1.2 - index.php Multiple Local File Inclusions

Jaw Portal 1.2 - index.php Multiple Local File Inclusions source: https://www.securityfocus.com/bid/31099/info Jaw Portal is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these vulnerabilities using...

CVE-2008-3737

Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...

Code injection

Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...

CVE-2008-3737

Unspecified vulnerability in 1 System Consultants La!Cooda WIZ 1.4.0 and earlier and 2 SpaceTag LacoodaST 2.1.3 and earlier allows remote attackers to execute arbitrary PHP scripts, and delete files, read files, and possibly have unknown other impact...

A+ PHP Scripts NMS Insecure Cookie Handling Vulnerability

No description provided by source. ...:::::A+ PHP Scripts - News Management System Insecure Cookie Handling Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra &...

A+ PHP Scripts - Nms Insecure Cookie Handling

A+ PHP Scripts - Nms Insecure Cookie Handling ...:::::A+ PHP Scripts - News Management System Insecure Cookie Handling Vulnerability ::::.... Virangar Security Team www.virangar.net www.virangar.ir -------- Discoverd By :virangar security teamhadihadi special tnx...

aplus-rfilfi.txt

┌┌───────────────────────────────────────────────────────────────────────────┐ ││ C r a C k E r ┌┘ ┌┘ T H E C R A C K O F E T E R N A L M I G H T ││ └───────────────────────────────────────────────────────────────────────────┘┘ ┌──── From The Ashes and Dust Rises An Unimaginable crack.... ────┐...

A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities

A+ PHP Scripts News Management System 0.3 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/29912/info A+ PHP Scripts News Management System is prone to multiple input-validation vulnerabilities, including a remote file-include issue, multiple local file-includ...

Debian Security Advisory DSA 1550-1 (suphp)

The remote host is missing an update to suphp announced via advisory DSA 1550-1. OpenVAS Vulnerability Test $Id: deb15501.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1550-1 suphp Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

CVE-2008-1734

Interpretation conflict in PHP Toolkit before 1.0.1 on Gentoo Linux might allow local users to cause a denial of service PHP outage and read contents of PHP scripts by creating a file with a one-letter lowercase alphabetic name, which triggers interpretation of a certain unquoted a-z argument as ...

[SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation

------------------------------------------------------------------------ Debian Security Advisory DSA-1550-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff April 17, 2008 http://www.debian.org/security/faq -...

CVE-2008-1866

admin/modifconfig.php in Blog Pixel Motion aka PixelMotion does not require admin authentication, which allows remote authenticated users to upload arbitrary PHP scripts in a ZIP archive, which is written to templateZip/ and then automatically extracted under templates/ for execution via a direct...

CVE-2008-1866

The CVE-2008-1866 issue affects Blog Pixel Motion (PixelMotion), where admin/modif_config.php does not require admin authentication. This allows remote authenticated users to upload arbitrary PHP scripts inside a ZIP archive, which is written to templateZip/ and then automatically extracted under...