79 matches found
Multiple Vulnerabilities in Merak Webmail / IceWarp Web Mail
The target is running at least one instance of Merak Webmail / IceWarp Web Mail 5.2.7 or less or Merak Mail Server 7.5.2 or less - . This product is subject to multiple XSS, HTML and SQL injection, and PHP source code disclosure vulnerabilities. OpenVAS Vulnerability Test $Id:...
badroot-mcNews13.txt
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- BadRoot Security Advisory 2005-0x01 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Thu Mar 17 2005 - 00:46 am GMT +1 Product: mcNews admin/install.php ... 33 if $table==1 34 35 include$l; 36 echo ''.$lGoAdmin.''; 37 ... Impact:...
CVE-2005-0622
RaidenHTTPD 1.1.32, and possibly other versions before 1.1.34, allows remote attackers to view the PHP source code via an HTTP GET request for a filename with a trailing 1 . dot or 2 space...
STG Security Advisory 2004-12-20.16
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 STG Security Advisory: SSA-20041220-16 PHP source injection and cross-site scripting vulnerabilities in ZeroBoard Revision 1.2 Date Published: 2004-12-20 KST Last Update: 2004-12-24 Disclosed by SSR Team [email protected] Summary =======...
STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard
STG Security Advisory: SSA-20041220-16 PHP source injection and cross-site scripting vulnerabilities in ZeroBoard Revision 1.2 Date Published: 2004-12-20 KST Last Update: 2004-12-24 Disclosed by SSR Team [email protected] Summary ======= ZeroBoard is one of widely used web BBS applications...
Merak Webmail / IceWarp Web Mail < 5.2.8 Multiple Vulnerabilities
The target is running at least one instance of Merak Webmail / IceWarp Web Mail 5.2.7 or less or Merak Mail Server 7.5.2 or less. Such versions are potentially affected by multiple cross-site scripting, HTML and SQL injection, and PHP source code disclosure vulnerabilities. %NASLMINLEVEL 70300 Th...
Merak Mail Server 7.4.5 - calendar.html?schedule SQL Injection
Merak Mail Server 7.4.5 - calendar.html?schedule SQL Injection source: https://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - ...
Merak Mail Server 7.4.5 - address.html Full Path Disclosure
source: https://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerability - A PHP source code disclosure...
Merak Mail Server 7.4.5 - 'address.html' Multiple Cross-Site Scripting Vulnerabilities
source: https://www.securityfocus.com/bid/10966/info The webmail package embedded in Merak Mail Server is reported prone to multiple vulnerabilities. The vulnerabilities reported are: - Multiple cross-site scripting vulnerabilities - An HTML injection vulnerability - A PHP source code disclosure...
VisNetic WebMail 5.8.6 .6 - Information Disclosure
source: https://www.securityfocus.com/bid/8018/info VisNetic WebMail is prone to an information disclosure vulnerability. Reportedly, by appending a dot '.' character to the end of a URI request to WebMail, the source code of PHP files may be returned in the web browser...
PHP source code injection in BLNews
Product: BLNews Version: 2.1.3 OffSite: http://www.blnews.de/ Problem: PHP source code injection -------------------------------------------- Vulnerability: ------------admin/objects.inc.php4------------ if $itheme!="blubb" include"$Serverpath/admin/tools.inc.php4";...
bug in Club 1.0 - 1.3
Hi, security team www.rst.bb1.ru --= Advisory 6 =-- Product: Club 1.0 - 1.3 http://www.lyanguzov.inc.ru/ Vuln: PHP source injection The php-script Club version 1.0 - 1.3 maybe version 1.2 vuln too, i can't find this version is vuln for PHP source injection. Bug found in file club.php: scip if $p ...
PHP source injection in osCommerce
PHP source injection in osCommerce ---------------------------------- Product Description osCommerce is an open source e-commerce solution under on going development by the open source community. Its feature packed out-of-the- box installation allows store owners to setup, run, and maintain their...
malicious PHP source injection
JCC Security Advisory June 15, 2002 malicious PHP source injection Description Zeroboard is one of popular PHP web boards in Korea. When allowurlfopen = On and registerglobals = On in php.ini, Zeroboard has vulnerability because head.php contains dangerous codes. So an attacker can include any...
CVE-2001-1222
Plesk Server Administrator PSA 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain...
CVE-2001-1222
Plesk Server Administrator (PSA) 1.0 is affected by CVE-2001-1222: remote attackers can obtain PHP source code by issuing an HTTP request that includes the target IP address and a valid domain account name. The vulnerability is documented in NVD with a medium impact score (CVSSv2: AV:N/AC:L/Au:N/...
CVE-2001-1222
Plesk Server Administrator PSA 1.0 allows remote attackers to obtain PHP source code via an HTTP request containing the target's IP address and a valid account name for the domain...
Доступ к исходным текстам PHP в plesk (source disclosure)
Используя числовой адрес вместо виртуального имени сервера можно получить доступ к исзодным текстам...
CVE-2001-1385
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts...