Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale

Impact Application passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include, if the application allows users to upload files with .php extension in an folder that allows include or require to read it, then they are at risk of arbitrary code ran on their servers...

Multiple vulnerabilities in third party extensions

Several vulnerabilities have been found in the following third party TYPO3 extensions: "A21glossary Advanced Output" a21glossaryadvancedoutput, "ClickStream Analyzer output" alternetcsaout, "Directory Listing" dirlisting, "Store Locator" locator, "Userdata Create/Edit" sguserdata, "Versatile...

Potential Arbitrary File Access

Summary: A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection. Patch Availability The patch for Samba 3.0.2a and earlier releases 3.0.x samba-3.0.2a-reducename.patch can be...

webBlog11.txt

Product: Web Blog 1.1 Remote Execute Commands Bug Affected Versions: 1.1.5 Bug: Command Remote Execution Credits: n3rd - Lit Security Solutions LiSS Affix in irc.brasnet.org Vendor: http://leifwright.com Exploiting:...