Callisto PhotoParade Player PhPInfo ActiveX control buffer overflow
Overview: The Callisto PhotoParade Player PhPInfo ActiveX control contains a buffer overflow, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description: Callisto PhotoParade Player includes an ActiveX control called PhPInfo. The ActiveX control...
Unfixed XSS vulnerability at www.dinix.com
Security researcher zuppergazi submitted on 09/03/2007 a cross-site scripting (XSS) vulnerability affecting www.dinix.com, which at the time of submission ranked 1239216 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/03/2007. It is...
Unfixed XSS vulnerability at samua.s58.xrea.com
Security researcher zuppergazi submitted on 09/03/2007 a cross-site scripting (XSS) vulnerability affecting samua.s58.xrea.com, which at the time of submission ranked 521 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 09/03/2007. It is...
Unfixed XSS vulnerability at catfish.dnsvelocity.com
Security researcher zuppergazi submitted on 08/03/2007 a cross-site scripting (XSS) vulnerability affecting catfish.dnsvelocity.com, which at the time of submission ranked 1059728 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/03/2007. I...
Unfixed XSS vulnerability at www.mijnwebserver.nl
Security researcher zuppergazi submitted on 08/03/2007 a cross-site scripting (XSS) vulnerability affecting www.mijnwebserver.nl, which at the time of submission ranked 1836382 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/03/2007. It i...
Unfixed XSS vulnerability at azuregenesis.com
Security researcher zuppergazi submitted on 08/03/2007 a cross-site scripting (XSS) vulnerability affecting azuregenesis.com, which at the time of submission ranked 910713 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/03/2007. It is...
Unfixed XSS vulnerability at www.isdn.net
Security researcher zuppergazi submitted on 08/03/2007 a cross-site scripting (XSS) vulnerability affecting www.isdn.net, which at the time of submission ranked 1365685 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 08/03/2007. It is...
Information Disclosure from phpmyadmin
An information disclosure issue has been found in the phpmyadmin extension of TYPO3 that may give access to phpinfo information in special cases. The standalone version of phpmyadmin is not affected. Component Type: Third party extension. This extension is not part of the TYPO3 default...
CVE-2007-3525
Ripe Website Manager 0.8.9 and earlier suffers from an information disclosure vulnerability where an unauthenticated remote attacker can access includes/phpinfo.php, which calls phpinfo and reveals configuration information. Root cause: direct request to a file that executes phpinfo. Impact: disclosur...
CVE-2007-3525
Ripe Website Manager 0.8.9 and earlier allows remote attackers to obtain configuration information via a direct request to includes/phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
Information disclosure
Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
CVE-2007-3191
Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
CVE-2007-3191
Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
CVE-2007-3191
The vulnerability CVE-2007-3191 affects Just For Fun Network Management System (JFFNMS) version 0.8.3, where a direct request to admin/adm/test.php triggers phpinfo and exposes configuration information. Public sources among connected documents cite Debian’s DSA-1374-1 and the related Nessus/Open...
CVE-2007-3191
Just For Fun Network Management System (JFFNMS) 0.8.3 allows remote attackers to obtain configuration information via a direct request to admin/adm/test.php, which calls the phpinfo function...
FreeBSD : php -- multiple vulnerabilities (f5e52bf5-fc77-11db-8163-000e0c2e438a)
The PHP development team reports: Security Enhancements and Fixes in PHP 5.2.2 and PHP 4.4.7:
- Fixed CVE-2007-1001, GD wbmp used with invalid image size
- Fixed asciiz byte truncation inside mail
- Fixed a bug in mb_parse_str that can be used to activate register_globals
- Fixed unallocated memor...
CVE-2007-2016
Cross-site scripting (XSS) vulnerability in mysql/phpinfo.php in phpMyAdmin 2.6.1 allows remote attackers to inject arbitrary web script or HTML via the lang parameter...
Woven dream content management system (DEDECMS 3.X + 4.X) upload vulnerability - vulnerability warning - the black bar safety net
Ghost boy note: to be accurate, the upload vulnerability is in the PHP version of FCKeditor used by DEDECMS, exploited by spoofing the gif89a file header. I did not expect the PHP version of FCKeditor to have such a vulnerability; gif89a file header spoofing is nothing new. Sources ...
CVE-2007-1574
CARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...
CVE-2007-1574
CARE2X 2.2, and possibly earlier, allows remote attackers to obtain configuration information via a direct request to phpinfo.php, which calls the phpinfo function. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...