EUVD-2019-8548

Malware in sbrugna...

CVE-2024-25533

Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website /WorkFlow/OfficeFileUpdate.aspx. This vulnerability can allow attackers to write files to the server or execute arbitrary commands via crafted SQL statements...

PT-2024-20995 · Ruvaroa · Ruvaroa

Name of the Vulnerable Software and Affected Versions: RuvarOA versions 6.01 through 12.01 Description: Error messages in RuvarOA were discovered to leak the physical path of the website, specifically at the /WorkFlow/OfficeFileUpdate.aspx endpoint. This issue can allow attackers to write files t...

WordPress BulletProof Security 5.1 Information Disclosure

Exploit Title: Wordpress Plugin BulletProof Security 5.1 - Sensitive Information Disclosure Date 04.10.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: https://forum.ait-pro.com/read-me-first/ Software Link: https://downloads.wordpress.org/plugin/bulletproof-security.5.1.zip Version: =...

CVE-2021-39327

The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible /dbbackuplog.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up t...

CVE-2018-7737

In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by adminfooter.php or adminfooter.php. NOTE: the software maintainer disputes that this is a vulnerability...

PT-2018-18248 · Z Blogphp · Z-Blogphp

Name of the Vulnerable Software and Affected Versions: Z-BlogPHP version 1.5.1.1740 Description: There is a potential issue in Z-BlogPHP where the physical path of the web site may be leaked, as demonstrated by accessing certain files such as admin footer.php. However, it's noted that the softwar...

MantisBT 2.10.0 'view_all_bug_page' Path Disclosure Vulnerability - Windows

MantisBT is prone to a path disclosure vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

MantisBT 2.10.0 'view_all_bug_page' Path Disclosure Vulnerability - Linux

MantisBT is prone to a path disclosure vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Sisplet CMS <= 05.10 (site_path) Remote File Inclusion Vulnerability

No description provided by source. Sisplet CMS Found by kezzap66345 Script Download:http://www.sisplet.org/uploadi/editor/Sisplet0504.tar.bz2 https://sourceforge.net/project/showfiles.php?groupid=111881 ERROR1: File:main/forum/komentar.php require$sitepath.'main/forum/class.php'; rfi coded RFI1:...

EggBlog v4.X.X Arbitrary File Upload vulnerability

Exploit for php platform in category web applications + Author: TUNISIAN CYBER + Exploit Title: EggBlog v4.X.X Arbitrary File Upload vulnerability + Date: 13-12-2013 + Category: WebApp + Vendor:http://sourceforge.net/projects/eggblog/ + Google Dork: Do Some Work and you'll find it : + Tested on:...

ecshop 4 8 leak site path vulnerability-vulnerability warning-the black bar safety net

http:// 网站 /shop/api/cron.php http:// 网站 /shop/wap/goods.php http:// 网站 /shop/temp/compiled/urhere.lbi.php http:// 网站 /shop/temp/compiled/pages.lbi.php http:// 网站 /shop/temp/compiled/usertransaction.dwt.php http:// 网站 /shop/temp/compiled/history.lbi.php http:// 网站...

Analysis of the postgresql database attack techniques II-vulnerability warning-the black bar safety net

You can see we broke up in a field for the name, then we continue incrementing the offset value, to obtain the other field, as shown in Figure 9 and 1=2 union select 1,columnname,'3','4' from informationschema. the columns where tablename='admins' offset 2 limit 1-- ! Figure 9 Field passowrd is...

dedecms 5.5 procedure leaked site path information-vulnerability warning-the black bar safety net

Vulnerability description: dedecms 5.5 procedure leaked site path information. Test address: http://www.dedecms.com/plus/paycenter/alipay/returnurl.php http://www.dedecms.com/plus/paycenter/cbpayment/autoreceive.php http://www.dedecms.com/plus/paycenter/nps/configpaynps.php...

Advanced Comment System 1.0 - Multiple Remote File Inclusions

Advanced Comment System 1.0 - Multiple Remote File Inclusions ====================================================== Advanced comment system1.0 Remote File Inclusion Vulnerability Found by : kurdish hackers team C0ntact : pshela at YaHoo .com Groups : Kurd-Team site : www.kurdteam.org...

CVE-2008-0645

Multiple PHP remote file inclusion vulnerabilities in Portail Web Php 2.5.1.1 allow remote attackers to execute arbitrary PHP code via a URL in the sitepath parameter to 1 config/conf-activation.php, 2 menu/item.php, and 3 modules/confmodules.php in admin/system/; and 4 system/login.php. NOTE: th...

MangoBery CMS 0.5.5 - quotes.php Remote File Inclusion

MangoBery CMS 0.5.5 - quotes.php Remote File Inclusion Mangobery-0.5.5 Found by kezzap66345 Script Page:http://mangobery.sourceforge.net/ Demo Site:http://mangobery.beryllium.ca/ Script Download:http://sourceforge.net/project/showfiles.php?groupid=63834&packageid=60858...