EUVD-2006-4740

Malware in sbrugna...

EUVD-2006-4741

Malware in sbrugna...

PHProg 1.0 index.php album Parameter XSS

No description provided by source...

PHProg 1.0 - Multiple Input Validation Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/19942/info PHProg is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include a cross-site scripting vulnerability and a local file-include...

PHProg 1.0 index.php lang Parameter Traversal Arbitrary File Access

No description provided by source. source: http://www.securityfocus.com/bid/19957/info PHProg is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and local file-include attacks...

CVE-2006-4754

Cross-site scripting XSS vulnerability in index.php in PHProg before 1.1 allows remote attackers to inject arbitrary web script or HTML via the album parameter, which is used in an opendir call. NOTE: the same primary issue can be used for full path disclosure with an invalid parameter that revea...

CVE-2006-4753

Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter...

CVE-2006-4753

Directory traversal vulnerability in index.php in PHProg before 1.1 allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter...

CVE-2006-4753

PHProg before 1.1 has a directory traversal vulnerability in the index.php file: an attacker can use a ".." in the lang parameter to read arbitrary files. The issue stems from improper input handling in the affected component, enabling potential exposure of sensitive server files. A patch is avai...

CVE-2006-4754

PHProg before 1.1 has a Cross-site Scripting (XSS) flaw in index.php, exploitable via the album parameter used in an opendir call. The same issue can enable full path disclosure with an invalid album value that reveals the installation path in error messages. Affected software: PHProg versions pr...

PHProg.txt

------=Part387718013116.1157965429026 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline 11/09/06 Produit vuln=E9rable : PHProg Album photo en PHP Site officiel du produit : http://www.PHProg.com/ Failles de...

PT-2006-5528 · Phprog · Phprog

Name of the Vulnerable Software and Affected Versions: PHProg versions prior to 1.1 Description: The issue allows remote attackers to read arbitrary files via a .. dot dot in the lang parameter of the index.php file. This is a directory traversal vulnerability. Recommendations: For versions prior...

PT-2006-5529 · Phprog · Phprog

Name of the Vulnerable Software and Affected Versions: PHProg versions prior to 1.1 Description: The issue is related to a cross-site scripting XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML. This is achieved via the album parameter in index.php, which is us...

PHProg 1.0 - index.php?album Cross-Site Scripting

PHProg 1.0 - index.php?album Cross-Site Scripting source: https://www.securityfocus.com/bid/19957/info PHProg is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and local...

[Full-disclosure] PHProg : Local File Inclusion + XSS + Full path disclosure

11/09/06 Produit vulnerable : PHProg Album photo en PHP Site officiel du produit : http://www.PHProg.com/ Failles de securite decelees : 1 Full path disclosure : http://localhost/PHProg/?id=1&album=cdg393 2 Cross Site Scripting XSS : http://localhost/PHProg/?id=1&album= scriptalert'cdg393'/script...

PHProg 1.0 - 'index.php?lang' Traversal Arbitrary File Access

source: https://www.securityfocus.com/bid/19957/info PHProg is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and local file-include attacks. Version 1.0 of PHProg is reported...

PHProg 1.0 - index.php?lang Traversal Arbitrary File Access

PHProg 1.0 - index.php?lang Traversal Arbitrary File Access source: https://www.securityfocus.com/bid/19957/info PHProg is prone to multiple vulnerabilities. The issues result from insufficient sanitization of user-supplied data and may allow an attacker to carry out cross-site scripting and loca...

PHProg 1.0 - Multiple Input Validation Vulnerabilities

PHProg 1.0 - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/19942/info PHProg is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include a cross-site scripting vulnerability and a...