669 matches found
CVE-2002-0513
The PHP administration script in poppermod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator...
SimpleChat Information Disclosure
It is possible to retrieve the list of users currently connected to the remote SimpleChat server by requesting the file 'data/usr'. An attacker may use this flaw to obtain the IP address of every user currently connected. (C) Tenable Network Security, Inc. Ref: Date: 20 Mar 2003...
WihPhoto sendphoto.php Traversal Arbitrary File Access
It is possible to make the remote host mail any file contained on its hard drive by using a flaw in WihPhoto's 'util/email.php' script. (C) Tenable Network Security, Inc. Refs: http://www.frog-man.org/tutos/WihPhoto.txt From: "Frog Man" To: [email protected] Subject:...
D-Forum 1 - 'header' Remote File Inclusion
source: https://www.securityfocus.com/bid/6879/info D-Forum is prone to an issue which may allow remote attackers to include files located on remote servers. This issue is present in the /includes/header.php3 and /includes/footer.php3 scripts. Under some circumstances, it is possible for remote...
CVE-2002-1986
Perception LiteServe 2.0 through 2.0.1 allows remote attackers to obtain the source code of CGI scripts via an HTTP request with a trailing dot "."...
CVE-2002-1361
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP Security Hardening Patch installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter...
PHP-Nuke 6.0 - Web Mail Remote PHP Script Execution
source: https://www.securityfocus.com/bid/6399/info A vulnerability has been discovered in the PHP-Nuke Web Mail module. When a user opens an email that contains an attachment, the file will be put in a remotely accessible web directory. It has...
ION Script 1.4 - Remote File Disclosure
source: https://www.securityfocus.com/bid/6091/info A vulnerability has been discovered in ION Script. By sending a malicious HTTP request to a webserver running the vulnerable ION Script package, it is possible for a remote attacker to disclose arbitrary webserver readable files. As webservers a...
Benjamin Lefevre Dobermann Forum 0.x - 'index.php?subpath' Remote File Inclusion
source: https://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Dobermann. An attacker may exploit this by supplying a pa...
Benjamin Lefevre Dobermann Forum 0.x - enteteacceuil.php?subpath Remote File Inclusion
source: https://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several P...
Benjamin Lefevre Dobermann Forum 0.x - index.php?subpath Remote File Inclusion
source: https://www.securityfocus.com/bid/6057/info Dobermann Forum is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP scrip...
Easynews does not adequately validate user input thereby disclosing server installation path via crafted URL request
Overview Easynews does not adequately validate user input. Attackers may exploit this vulnerability to learn the filesystem path where the script is installed. Description Easynews is an open-source CGI script designed to create dynamic news story web pages and listings. Easynews does not properl...
Mike Spice's Vote does not adequately validate user input
Overview Mike Spice's Vote does not adequately validate user input, allowing directory traversal. As a result, an attacker can cause Vote to overwrite any file on the server to which the web server process has write privileges. Description Mike Spice's Vote is a CGI script written in Perl and...
Viralator CGI Script Arbitrary Command Execution
The CGI 'viralator.cgi' is installed. Some versions of this CGI don't properly check user input and allow anyone to execute arbitrary commands with the privileges of the web server. No flaw was tested. Your script might be a safe version. (C) Tenable Network Security, In...
Bharat Mediratta Gallery 1.x - Remote File Inclusion
source: https://www.securityfocus.com/bid/5375/info Gallery is prone to an issue which may allow remote attackers to include arbitrary files located on remote servers. This issue is present in several PHP script files provided with Gallery. An attacker may exploit this by supplying a path to a fi...
CVE-2001-1297
CVE-2001-1297 describes a PHP remote file inclusion in the ActionPoll PHP script before 1.1.2. An attacker can supply a URL in the includedir parameter to execute arbitrary PHP code on the server. The documents provide the vulnerability details and affected version, but do not include remediation...
CVE-2002-0579
WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password...
b2 php remote command execution
Site: www.cafelog.com Vulnerable: b2 0.6pre2 and earlier. B2 is a PHP script which allows webmasters to quickly post news on the front page and let viewers interact with each other. A bug exists in the scripts which allows an attacker to remotely execute commands. Exploit: Taken from...
CVE-2002-0319
CVE-2002-0319 describes a cross-site scripting vulnerability in edituser.php for pforum versions 1.14 and earlier. The issue allows remote attackers to inject JavaScript via the username, enabling them to execute script and potentially steal cookies from other users. Affected component: pforum’s ...
IBM Informix Web DataBlade: Local root by design
By Simon Lodal, Denmark Vendor status: Notified months ago, said they would be working on updates, never heard anything. Software: Web DataBlade 4.12, IDS 9.20/9.21, Linux 2.2/2.4, SunOS 5.7 OS, IDS and WDB versions seem to be irrelevant. Impact: A...