ezUpload 2.2 - 'form.php?path' Remote File Inclusion

source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side...

Atomic Photo Album 0.x/1.0 - 'Apa_PHPInclude.INC.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14368/info Atomic Photo Album is susceptible to a remote PHP file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary PHP code on an...

SAP Internet Graphics Server (IGS) Directory Traversal Vulnerability

The version of SAP Internet Graphics Server IGS installed on the remote host is affected by a directory traversal vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP GET request, to access arbitrary files on the remote host with the privileges of the...

Spid 1.3 - lang_path File Inclusion

Spid 1.3 - langpath File Inclusion source: https://www.securityfocus.com/bid/14208/info SPiD is a gallery management application written in PHP. SPiD is prone to a remote file include vulnerability, due to lack of validation of user input. An attacker may leverage this issue to execute arbitrary...

Jaws 0.x - Remote File Inclusion

Jaws 0.x - Remote File Inclusion source: https://www.securityfocus.com/bid/14158/info JAWS is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion

MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion source: https://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...

EasyPHPCalendar 6.1.56.2.x - header.inc.php?serverPath Remote File Inclusion

EasyPHPCalendar 6.1.56.2.x - header.inc.php?serverPath Remote File Inclusion source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

EasyPHPCalendar 6.1.5/6.2.x - 'datePicker.php?serverPath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-si...

EasyPHPCalendar 6.1.5/6.2.x - 'popup.php?serverPath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-si...

RaXnet Cacti 0.50.60.8 - Config_Settings.php Remote File Inclusion

RaXnet Cacti 0.50.60.8 - ConfigSettings.php Remote File Inclusion source: https://www.securityfocus.com/bid/14028/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script...

RaXnet Cacti 0.5/0.6/0.8 - 'Config_Settings.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14028/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'configsettings.php' script. An attacker may leverage...

McGallery 1.01.1 - Lang Argument File Disclosure

McGallery 1.01.1 - Lang Argument File Disclosure source: https://www.securityfocus.com/bid/13963/info McGallery is prone to a file disclosure vulnerability. This could let remote attackers access files on the computer in the context of the Web server process...

FusionBB 0.x - Multiple Input Validation Vulnerabilities

FusionBB 0.x - Multiple Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/13939/info FusionBB is affected by multiple vulnerabilities. These issues arise due to a failure of the application to properly sanitize user-supplied input. The following specific vulnerabilities...

Ovidentia FX - Remote File Inclusion

source: https://www.securityfocus.com/bid/13927/info Ovidentia FX is prone to a remote file include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the Web server process. This may facilitate unauthoriz...

YaPiG 0.9x - LocalRemote File Inclusion

YaPiG 0.9x - LocalRemote File Inclusion source: https://www.securityfocus.com/bid/13874/info YaPiG is affected by remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to...

Popper Webmail 1.41 - 'ChildWindow.Inc.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/13851/info Popper is affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary server-side script code on an affect...

PowerDownload 3.0.23.0.3 - IncDir Remote File Inclusion

PowerDownload 3.0.23.0.3 - IncDir Remote File Inclusion source: https://www.securityfocus.com/bid/13822/info PowerDownload is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this iss...

Golden FTP Server Pro GET Traversal Arbitrary File Access

The version of Golden FTP Server installed on the remote host is prone to a directory traversal attack. Specifically, an attacker can read files located outside a share with '..' sequences subject to the privileges of the FTP server process. TRUSTED...

RaidenFTPd 2.4 - Unauthorized File Access

source: https://www.securityfocus.com/bid/13292/info RaidenFTPD is prone to a vulnerability that could allow unauthorized access to files outside the FTP root. The issue exists due to a lack of sufficient sanitization performed on 'SITE urlget' requests. Directory traversal sequences may be passe...

Compaq WBEM HTTP Server Remote Overflow

The remote host is running a Compaq Web Management server. The remote version of this software is vulnerable to an unspecified buffer overflow that may allow an attacker to execute arbitrary code on the remote host with the privileges of the web server process. C Tenable Network Security, Inc...