20 matches found
CVE-2026-22456
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Askka askka allows PHP Local File Inclusion. This issue affects Askka: from n/a through = 1.0...
CVE-2025-69042
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in goalthemes Lindo lindo allows PHP Local File Inclusion. This issue affects Lindo: from n/a through = 1.2.5...
CVE-2025-54968
An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Service does not require authentication. In some configurations, this may allow remote users to submit jobs, or local users to submit jobs that will execute with the permissions of other users...
GHSA-3JCV-5F9P-2F2P Cross-site Scripting in electron-pdf
electron-pdf version 20.0.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not validate the HTML content entered by the user...
SUSE CVE-2018-12476
Relative Path Traversal vulnerability in obs-service-tarscm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise...
MiniDVBLinux 5.4 Remote Root Command Injection Vulnerability
Summary: MiniDVBLinux(TM) Distribution (MLD). MLD offers a simple way to convert a standard PC into a Multi Media Centre based on the Video Disk Recorder (VDR) by Klaus Schmidinger. Features of this Linux based Digital Video Recorder: Watch TV, Timer controlled recordings, Time Shift, DVD and MP3 Replay...
Design/Logic Flaw
Cleartext Transmission of Sensitive Information in /northstar/Admin/login.jsp in Northstar Technologies Inc NorthStar Club Management 6.3 allows remote local user to intercept users credentials transmitted in cleartext over HTTP...
BEWARD N100 H.264 VGA IP Camera M2.1.6 CSRF Add Admin Exploit
Summary The N100 compact color IP camera with support for a more efficient compression format is optimized for low-speed networks, thanks to which it transmits a real-time image over the network with minimal delays. The camera supports the switching of the broadcast modes, and in the event of a...
CVE-2018-6011
The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of...
[SECURITY] [DSA 2413-1] libarchive security update
Debian Security Advisory DSA-2413-1 [email protected] http://www.debian.org/security/ Luk Claes February 20, 2012 http://www.debian.org/security/faq -...
vbShout 5.2.2 Remote / Local File Inclusion
Title: vbShout 5.2.2 Remote/Local File Inclusion Mod/Admin + Author: fred777 - fred777.5x.to + Link: http://www.dragonbyte-tech.com/vbecommerce.php?do=purchase&act=product&id=2 + Vuln: vbshout.php?do=path/fileNULL-Byte + Greetzz to: SceneCoderz + Contact: [email protected] + -- Vuln...
justVisual 2.0 Local File Inclusion
justVisual 2.0 index.php = LFI Vulnerability +Title: justVisual 2.0 index.php Local File Vulnerability +Version: 2.0 +License: http://www.gnu.org/copyleft/gpl.html +Download: http://fh54.de/justVisual/packages/justVisual2.zip +Risk: Medium +Local: Yes -Remote: No !Author: eidelweiss !Contact:...
PT-2009-1042 · Linux +2 · Linux Kernel +3
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.31-git11 Red Hat Enterprise Linux kernel versions 2.4.21 Description: The issue concerns multiple vulnerabilities in the Linux kernel and Red Hat Enterprise Linux kernel, which can lead to a disruption of...
Wili-CMS 0.4.0 (RFI/LFI/AB) Multiple Remote Vulnerabilities
No description provided by source. Salvatore "drosophila" Fresta + Application: Wili-CMS + Version: 0.4.0 + Website: http://wili-cms.sourceforge.net/ + Bugs: A Multiple Remote/Local File Inclusion B Authentication Bypass + Exploitation: Remote + Date: 06 Mar 2009 + Discovered by: Salvatore...
XCMS <= 1.82 Remote Local File Inclusion Vulnerability
Exploit for unknown platform in category web applications. XCMS <= 1.82 LFI & RCE Xpl Nexen rocked this one ; LFIs http://127.0.0.1/xcms/index.php?pg=admin&s=../../../../../etc/passwd\0...
Lou Portail 1.4.1 Remote|Local File Include Vulnerability
Lou Portail 1.4.1 Class: Remote|Local File Include Vulnerability Patch: Unavailable Published 2006/10/18 Remote: Yes Local: No Type: High Site: http://louportail.free.fr/ Author: MP Contact: [email protected] Vuln Code admin/adminmodule.php: ?... include "$gadminrep/adminutils.$gext"; ...? Vuln 1...
Buffer-overflow and directory traversal bugs in Virtools Web Player 3.0.0.100
Luigi Auriemma Application: Virtools Web Player and probably also other applications which can read the Virtools files but I can't test http://www.virtools.com Versions: = 3.0.0.100 Platforms: Windows seems also Mac is supported Bugs: A buffer-overflow B directory traversal Exploitation:...
blogtorrent092.txt
noglobal security http://noglobal.secnet.org/ You think you know? but you have no idea.. Security Advisory 2005-0x00 Software: BlogTorrent 0.92 14ae696abdca1688dd577fe486c3981f331457b0d7 Password crypt in md5 -...
CVE-2002-1379
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges...
Instant Web Mail additional POP3 commands and mail headers
Instant Web Mail additional POP3 commands and mail headers PROGRAM: Instant Web Mail VENDOR: Jonas Koch Bentzen [email protected] HOMEPAGE: http://understroem.dk/instantwebmail/ VULNERABLE VERSIONS: 0.59 possibly earlier versions too TYPE: remote/local SEVERITY: medium DESCRIPTION: "Instant We...