CVE-2007-3192

admin/setup.php in Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to read and modify configuration settings via a direct request...

Design/Logic Flaw

admin/setup.php in Just For Fun Network Management System JFFNMS 0.8.3 allows remote attackers to read and modify configuration settings via a direct request...

Cross site scripting

Cross-site scripting XSS vulnerability in setup.php in Audins Audiens 3.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-1241

Cross-site scripting XSS vulnerability in setup.php in Audins Audiens 3.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2007-1241

CVE-2007-1241 is an XSS vulnerability reported in Audins Audiens 3.3, specifically in setup.php, exploitable through PATH_INFO to inject arbitrary script/HTML. Concretely, multiple sources (NVD, CVE lists, Prion, Vulners) describe the same issue; the root cause is not elaborated beyond the PATH_I...

CVE-2007-1241

Cross-site scripting XSS vulnerability in setup.php in Audins Audiens 3.3 allows remote attackers to inject arbitrary web script or HTML via the PATHINFO. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

photocart39.txt

--0-1006808724-1164114500=:98901 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit PhotoCart 3.9 adminprint.php Remote File Include Vulnerability Script site: http://www.picturespro.com/store/programs/129-photocart.html Dork : inurl :/PhotoCart/ Bug Found By : irvian...

Photo Cart 3.9 (adminprint.php) Remote File Include Vulnerability

No description provided by source. PhotoCart 3.9 adminprint.php Remote File Include Vulnerability Script site: http://www.picturespro.com/store/programs/129-photocart.html Dork : inurl :/PhotoCart/ Bug Found By : irvian GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid Special greetz:...

Photo Cart 3.9 (adminprint.php) Remote File Include Vulnerability

Exploit for unknown platform in category web applications ================================================================= Photo Cart 3.9 adminprint.php Remote File Include Vulnerability ================================================================= PhotoCart 3.9 adminprint.php Remote File...

Photo Cart 3.9 - 'adminprint.php' Remote File Inclusion

PhotoCart 3.9 adminprint.php Remote File Include Vulnerability Script site: http://www.picturespro.com/store/programs/129-photocart.html Dork : inurl :/PhotoCart/ Bug Found By : irvian GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid Special greetz: patihack hitamputih nyubicrew bug fou...

Photo Cart 3.9 - adminprint.php Remote File Inclusion

Photo Cart 3.9 - adminprint.php Remote File Inclusion PhotoCart 3.9 adminprint.php Remote File Include Vulnerability Script site: http://www.picturespro.com/store/programs/129-photocart.html Dork : inurl :/PhotoCart/ Bug Found By : irvian GreetZ: jipank,kacung,trangkil,ibnusina,cah|gemblunkz,zoid...

CVE-2006-2331

Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote attackers to include and execute arbitrary local files via 1 a .. dot dot in the settingslocale parameter in infusions/lastseenuserspanel/lastseenuserspanel.php, and 2 a .. dot dot in the localeset parameter in...

CVE-2006-2331

Multiple directory traversal vulnerabilities in PHP-Fusion 6.00.306 allow remote attackers to include and execute arbitrary local files via 1 a .. dot dot in the settingslocale parameter in infusions/lastseenuserspanel/lastseenuserspanel.php, and 2 a .. dot dot in the localeset parameter in...

[Kurdish Security #2] Artmedic Event Remote File Include Vulnerability

Original Advisory : http://kurdishsecurity.blogspot.com/2006/04/artmedic-event-remote-file-include.html Artmedic Event Remote File Include Vulnerability Website : http://www.artmedic.de/ Script : Artmedic Event Script Risk : High Class : Remote Greetz : B3g0k,Nistiman,Flot,Netqurd etc.. d0rk :...

Scry Gallery Directory Traversal & Full Path Disclosure Vulnerabilites

Software : Scry Gallery WebSite :http://scry.org/ discovred by :Moroccan Security Team + Directory Traversal : A remote attacker may employ directory traversal strings '../' to access arbitrary files outside of the webroot directory. This flaw is due to an input validation error in the "index.php...

osTicket setup.php Accessibility

The target is running at least one instance of an improperly secured installation of osTicket and allows access to setup.php. Since that script does not require authenticated access, it is possible for an attacker to modify osTicket's configuration using a specially crafted call to setup.php to...

osTicket setup.php Accessibility

The target is running at least one instance of an improperly secured installation of osTicket and allows access to setup.php. Copyright C 2005 George A. Theall Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

PHP TopSites setup.php Administration Authentication Bypass

The remote host is running PHP TopSites, a PHP/MySQL-based customizable TopList script. There is a vulnerability in this software which allows an attacker to access the admin/setup interface without authentication. %NASLMINLEVEL 70300 Josh Zlatin-Amishav GPLv2 Changes by Tenable: - Fixed script...

[EXPL] phpStat Authentication Bypass Vulnerability (Exploit, Setup.PHP)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

CVE-2005-1787

setup.php in phpStat 1.5 allows remote attackers to bypass authentication and gain administrator privileges by setting the $check variable...