Lucene search
K

27 matches found

securityvulns
securityvulns
added 2005/07/07 12:0 a.m.27 views

phpSlash account hijacking vulnerability

Sysdream && Serial Savate System. advisory --------------------------------------- xxxxxxxxxxx6.adv.en Program : PHPSLASH Homepage : http://www.php-slash.org Author Contacted : 05/may/2005 Author's Answer : 06/may/2005 joestewart Version tested : 0.7.1, 0.7.2, 0.8., dev Found by : crashfr at...

7.2AI score
Exploits0
CVE
CVE
added 2003/04/02 5:0 a.m.48 views

CVE-2001-1334

PHPSlash 0.6.1 contains a vulnerability in Block_render_url.class that allows remote attackers with PHPSlash administrator privileges to read arbitrary files. By creating a block and specifying the target file as the source URL, an authenticated admin can exfiltrate local files. The CVE entry pro...

5CVSS7.1AI score0.03092EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.19 views

CVE-2001-1334

Blockrenderurl.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL...

6.7AI score0.03092EPSS
Exploits0References4
NVD
NVD
added 2002/05/19 4:0 a.m.17 views

CVE-2001-1334

Blockrenderurl.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL...

5CVSS6.7AI score0.03092EPSS
Exploits0References4
securityvulns
securityvulns
added 2001/05/16 12:0 a.m.46 views

PHPSlash : potential vulnerability in URL blocks

sAvAte inc. Serial Savate System advisory --------------------------------------- xxxxxxxxxxx2.adv.en Program: PHPSLASH Homepage: http://www.phpslash.org Author Contacted: 15/apr/2001 Answer: 16/apr/2001 ajayrockrock Patch : 16/apr/2001 Version tested: 0.6.1 Found by : tobozo - Problem descriptio...

6.6AI score
Exploits0
exploitpack
exploitpack
added 2001/04/15 12:0 a.m.13 views

PHPSlash 0.5.3 20.6.1 - URL Block Arbitrary File Disclosure

PHPSlash 0.5.3 20.6.1 - URL Block Arbitrary File Disclosure source: https://www.securityfocus.com/bid/2724/info PHPSlash is a widely used open source Groupware utility. PHPSlash contains a vulnerability which may disclose files readable to the webserver process on the underlying host to PHPSlash...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/04/15 12:0 a.m.48 views

PHPSlash 0.5.3 2/0.6.1 - URL Block Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/2724/info PHPSlash is a widely used open source Groupware utility. PHPSlash contains a vulnerability which may disclose files readable to the webserver process on the underlying host to PHPSlash users who can 'edit' URL blocks. Exploitation may result in...

7.4AI score
Exploits0
Rows per page
Query Builder