La-Nai CMS <= 1.2.16 (fckeditor) Arbitrary File Upload Exploit
No description provided by source. La-Nai CMS <= 1.2.16 (fckeditor) Arbitrary File Upload Exploit. author: EgiX, mail: n0b0d13satgmaildotcom, link: ...
PHPAlbum 0.2.2/0.2.3/4.1 Language.PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17526/info phpAlbum is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary remote PHP code on an affected compute...
HiveMail 1.2.2/1.3 addressbook.update.php contactgroupid Variable Arbitrary PHP Command Execution
No description provided by source. source: http://www.securityfocus.com/bid/16591/info HiveMail is prone to multiple vulnerabilities. These vulnerabilities may allow the execution of arbitrary PHP code, cross-site scripting attacks, and SQL injection. The PHP code-execution issues are the result ...
Actionpoll 1.1.1 db/DataReaderWriter.php CONFIG_DB Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Actionpoll 1.1.1 db/PollDB.php CONFIG_DATAREADERWRITER Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/20788/info Actionpoll is prone to multiple remote file-include vulnerabilities because the application fails to properly sanitize user-supplied input. An attacker can exploit these issues to include an arbitrary remote fi...
Bookmark4U 2.0 inc/function.php env[include_prefix] Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/18281/info Bookmark4U is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to includ...
Small Axe Weblog 0.3.1 'ffile' Parameter Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27383/info Small Axe Weblog is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...
dotWidget for articles 2.0 admin/categories.php Multiple Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/18479/info dotWidget for Articles is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issu...
OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability
No description provided by source. OpenEMR 4.1.1 (ofc_upload_image.php) Arbitrary File Upload Vulnerability Vendor: OpenEMR Product web page: http://www.open-emr.org Affected version: 4.1.1 Summary: OpenEMR is a Free and Open Source electronic health records and medical practice management...
PHPBook 1.x Mail Field PHP Code Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/16106/info phpBook is prone to a vulnerability that may let remote attackers inject arbitrary PHP code into the application. This code may then be executed by visiting pages that include the injected code. E-mail field:...
Guppy <= 4.5.9 (REMOTE_ADDR) Remote Commands Execution Exploit
No description provided by source. if magic_quotes_gpc is off you can inject arbitrary php code from rgod /str0ke guppy459xpl.php 17.30 28/11/2005 Guppy <= 4.5.9 $_SERVER[REMOTE_ADDR] overwrite / remote commands xctn coded by rgod site: http://rgod.altervista.org usage: launch from Apache, fill in...
PHPWebNotes 2.0 Api.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14679/info phpWebNotes is prone to a remote file include vulnerability. phpWebNotes is susceptible to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplie...
dotWidget for articles 2.0 showcatpicks.php file_path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/18479/info dotWidget for Articles is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issu...
Joomla/Mambo Mod_Forum Component PHPBB_Root.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24591/info The 'mod_forum' component for Joomla and Mambo is prone to a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to includ...
DDLCMS 2.1 - (skin) Remote File Inclusion Vulnerability
No description provided by source. DDLCMS v2.1 (skin) Remote File Inclusion Vulnerability ...
Gravity Board X 1.1 CSS Template Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14502/info Gravity Board X GBX is affected by an unauthorized access vulnerability. This issue is due to a failure in the application to perform proper access validation before granting access to privileged functions. An...
Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit
No description provided by source. CWH Underground Hacking Team. Exploit Title : Fly-High CMS...
AzDGVote 0 Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/17447/info AzDGVote is prone to a remote file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary...
GenesisTrader 1.0 form.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21595/info GenesisTrader is prone to multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied input. These issues include multiple information-disclosure...
Vote! Pro 4.0 - Multiple PHP Code Execution Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/22191/info Multiple VoIP phones using the Aredfox PA168 Chipset are prone to a session-hijacking vulnerability due to a design error. An attacker can exploit this issue to gain administrative access to the embedded...