Siren Investigate 安全漏洞

Siren Investigate is a front-end for the Siren platform from Siren Ireland, allowing the creation of dashboards, charts, link analysis, alerts and more. A security vulnerability exists in Siren Investigate versions prior to 12.1.7 that stems from insufficient whitelisting sandboxing of script...

Jason Maloney's Guestbook 3.0 - Remote Command Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9139/info A vulnerability has been reported in Jason Maloney's Guestbook that could result in remote command execution with the privileges of the web server. The problem occurs due to the application failing to sanitize...

Jason Maloneys Guestbook 3.0 - Remote Command Execution

Jason Maloneys Guestbook 3.0 - Remote Command Execution // source: https://www.securityfocus.com/bid/9139/info A vulnerability has been reported in Jason Maloney's Guestbook that could result in remote command execution with the privileges of the web server. The problem occurs due to the...

CVE-2000-0860

The CVE-2000-0860 entry concerns PHP 3 and PHP 4 file-upload handling. The vulnerability arises from RFC 1867-based file uploads where an attacker can manipulate hidden form field names that correspond to internal PHP variables, enabling reading of arbitrary files. Public documentation in connect...

CVE-2000-0860

The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables...