6 matches found
EUVD-2008-5733
Malware in sbrugna...
Remote file inclusion
PHP remote file inclusion vulnerability in sloginlib.inc.php in Simple Text-File Login Script SiTeFiLo 1.0.6 allows remote attackers to execute arbitrary PHP code via a URL in the sloginpath parameter...
Improper access control
Simple Text-File Login Script SiTeFiLo 1.0.6 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file containing the password via a direct request for slogusers.txt...
CVE-2008-5763
PHP remote file inclusion vulnerability in sloginlib.inc.php in Simple Text-File Login Script SiTeFiLo 1.0.6 allows remote attackers to execute arbitrary PHP code via a URL in the sloginpath parameter...
CVE-2008-5763
The CVE-2008-5763 entry describes a PHP remote file inclusion vulnerability in Simple Text-File Login Script (SiTeFiLo) 1.0.6. The flaw resides in slogin_lib.inc.php, where an attacker can supply a URL in the slogin_path parameter to trigger remote code execution. Affected component: slogin_lib.i...
CVE-2008-5762
The CVE-2008-5762 entry concerns Simple Text-File Login Script (SiTeFiLo) version 1.0.6. The vulnerability arises from storing sensitive information under the web root with insufficient access control, enabling a remote attacker to download the password database file via a direct request for slog...