All4WWW-HomePageCreator 1.0 Index.PHP Arbitrary Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/13169/info All4WWW-Homepagecreator is affected by an arbitrary remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an 'include'...

RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.PHP Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14030/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'topgraphheader.php'...

phpldapadmin 0.9.6/0.9.7 welcome.php custom_welcome_page Variable Arbitrary File Inclusion

No description provided by source. source: http://www.securityfocus.com/bid/14695/info phpldapadmin is prone to multiple input validation vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. phpldapadmin is prone to a directory traversal...

MyGuestbook 0.6.1 Form.Inc.PHP3 Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

YaPiG 0.9x Remote and Local File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/13874/info YaPiG is affected by remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to execut...

qEngine 4.1.6/6.0.0 - 'task.php' Local File Inclusion

source: https://www.securityfocus.com/bid/66401/info qEngine is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input before being used to include files. An attacker can exploit this issue using directory-traversal strings to view files and execute...

WordPress Theme Felici - 'Uploadify.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/66490/info The Felici theme for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload...

WordPress Plugin Premium Gallery Manager - Arbitrary File Upload

source: https://www.securityfocus.com/bid/66044/info Premium Gallery Manager plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the web server process. This m...

WordPress Theme Kiddo - Arbitrary File Upload

WordPress Theme Kiddo - Arbitrary File Upload source: https://www.securityfocus.com/bid/65460/info The Kiddo theme for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to sufficiently sanitize file extensions. An...

WordPress Theme Kiddo - Arbitrary File Upload

source: https://www.securityfocus.com/bid/65460/info The Kiddo theme for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to sufficiently sanitize file extensions. An attacker can exploit this issue to upload arbitrar...

AFCommerce - controlheader.php Remote File Inclusion

AFCommerce - controlheader.php Remote File Inclusion source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain...

AFCommerce - adblock.php Remote File Inclusion

AFCommerce - adblock.php Remote File Inclusion source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentiall...

AFCommerce - 'adminpassword.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary...

AFCommerce - 'controlheader.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary...

AFCommerce - 'adblock.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/64541/info AFCommerce is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. An attacker can exploit these vulnerabilities to obtain potentially sensitive information or to execute arbitrary...

Veno File Manager - 'q' Arbitrary File Download

source: https://www.securityfocus.com/bid/64346/info Veno File Manager is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently sanitize user-supplied input. An attacker can exploit this issue to download arbitrary files within the...

WordPress Theme This Way - 'upload_settings_image.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/63523/info The This Way Theme for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload...

Important: Red Hat Security Advisory: commons-fileupload security update

An update for the commons-fileupload component that fixes one security issue is now available from the Red Hat Customer Portal for Red Hat JBoss SOA Platform 4.3.0.GACP05 and 5.3.1 GA. The Red Hat Security Response Team has rated this update as having important security impact. A Common...

CakePHP 2.2.8/2.3.7 - AssetDispatcher Class Local File Inclusion

source: https://www.securityfocus.com/bid/61746/info CakePHP is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files or execute arbitrary script code in the context of the web server...

Citrix Presentation Server 4.5 Code Execution

The version of Citrix Presentation Server installed on the remote Windows host is potentially affected by multiple code execution vulnerabilities. By sending a specially crafted packet to the IMA server process, a remote, unauthenticated attacker could execute arbitrary code subject to the...