EUVD-2007-0834

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2016-2420

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to ga...

MGASA-2018-0279 Updated leptonica packages fix security vulnerabilities

This update fixes a security issue potential injection attack using gplot rootdir originally reported in CVE-2018-3836. This fix was incomplete and again reported in CVE-2018-7440 and CVE-2018-7442. The improved fix is included in leptonica-1.76.0...

Updated leptonica packages fix a security vulnerability

Package leptonica has been updated to the current stable version 1.75.2 which fixes a security issue potential injection attack using gplot rootdir reported in CVE-2018-3836...

Hashtopussy Cross-Site Scripting Vulnerability

Hashtopussy is a cross-platform client-server tool for distributing hash table tasks between multiple computers, featuring portability, stability and multi-user support. A cross-site scripting vulnerability exists in Hashtopussy version 0.4.0. A remote attacker can exploit this vulnerability with...

CVE-2016-2420

rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to gain privileges via a crafted application, aka internal bug 26403620...

Design/Logic Flaw

rootdir/init.rc in Android 4.x before 4.4.4 does not ensure that the /data/tombstones directory exists for the Debuggerd component, which allows attackers to gain privileges via a crafted application, aka internal bug 26403620...

MundiMail 0.8.2 - Remote Code Execution

MundiMail 0.8.2 - Remote Code Execution Reference: http://www.ccat.edu.mx/advisors/advisor5/advisor5.html Credits: Ccat Research Labs - México - Coatepec, Ver. www.ccat.edu.mx Software Link: http://sourceforge.net/projects/mundimail/ Tested on: Debian, Centos & Windows Server 2000 Preview: Code...

Remote file inclusion

PHP remote file inclusion vulnerability in classes/core/language.php in LimeSurvey 1.5.2 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in phpBG 0.9.1 allow remote attackers to execute arbitrary PHP code via a URL in the rootdir parameter to 1 intern/admin/other/backup.php, 2 intern/admin/, 3 intern/clan/memberadd.php, 4 intern/config/key2.php, or 5 intern/config/forum.php...

phpbg-rfi.txt

phpBG 0.9.1 rootdir Remote File Inclusion Vulnerability D.Script: http://phpbg.sourceforge.net/ POC: /intern/admin/other/backup.php?admin=1&rootdir=Shell /intern/admin/?rootdir=Shell /intern/clan/memberadd.php?rootdir=Shell /intern/config/key2.php?rootdir=Shell...

phpBG 0.9.1 (rootdir) Remote File Inclusion Vulnerabilities

Exploit for unknown platform in category web applications =========================================================== phpBG 0.9.1 rootdir Remote File Inclusion Vulnerabilities =========================================================== phpBG 0.9.1 rootdir Remote File Inclusion Vulnerability...

phpBG 0.9.1 - 'rootdir' Remote File Inclusion

phpBG 0.9.1 rootdir Remote File Inclusion Vulnerability D.Script: http://phpbg.sourceforge.net/ POC: /intern/admin/other/backup.php?admin=1&rootdir=Shell /intern/admin/?rootdir=Shell /intern/clan/memberadd.php?rootdir=Shell /intern/config/key2.php?rootdir=Shell...

phpBG 0.9.1 - rootdir Remote File Inclusion

phpBG 0.9.1 - rootdir Remote File Inclusion phpBG 0.9.1 rootdir Remote File Inclusion Vulnerability D.Script: http://phpbg.sourceforge.net/ POC: /intern/admin/other/backup.php?admin=1&rootdir=Shell /intern/admin/?rootdir=Shell /intern/clan/memberadd.php?rootdir=Shell...

CVE-2007-0863

PHP remote file inclusion vulnerability in Trevorchan 0.7 and earlier allows remote attackers to execute arbitrary code via the tcconfigrootdir parameter to 1 upgrade.php, 2 paintsave.php, 3 menu.php, 4 manage.php, and 5 banned.php. NOTE: his issue has been disputed by reliable third parties, who...

PT-2007-2305 · Unknown · Trevorchan

Name of the Vulnerable Software and Affected Versions: Trevorchan versions 0.7 and earlier Description: A remote file inclusion issue allows remote attackers to execute arbitrary code via the tc configrootdir parameter to several API endpoints, including "upgrade.php", "paint save.php", "menu.php...

PT-2006-5835 · Net2Ftp · Net2Ftp

Name of the Vulnerable Software and Affected Versions: net2ftp versions 0.1 through 0.62 Description: A remote file inclusion issue in index.php allows remote attackers to execute arbitrary PHP code via a URL in the application rootdir parameter. However, this issue has been disputed by a...