NeoBill CMS 0.8 Alpha - Multiple Vulnerabilities

No description provided by source. Title: ====== NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities Date: ===== 2012-08-18 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=685 VL-ID: ===== 685 Common Vulnerability Scoring System: ==================================== 3...

GE-Fanuc Proficy Real-Time Information Portal远程脚本上传及执行漏洞

BUGTRAQ ID: 27446 CVECAN ID: CVE-2008-0175 Proficy Real-Time Information Portal是一个基于Web的解决方案，将基于在线和过程的系统与厂级连接性、分析和人机界面器件集成起来。 Proficy Real-Time Information Portal在处理用户请求时存在漏洞，远程攻击者可能利用此漏洞控制服务器。 Proficy Real-Time Information Portal没有对Add WebSource执行正确的Java...

PHPMySMS gateway.php远程文件包含漏洞

BUGTRAQ ID: 18633 PHPMySMS是一款开放源码的用PHP实现的基于Web的短信解决方案。 PHPMySMS的实现上存在输入验证漏洞，远程攻击者可能利用此漏洞在服务器上执行任意命令。 远程攻击者可以利用PHPMySMS的gateway.php文件中的远程文件包含漏洞执行任意PHP代码。漏洞代码如下： ============================================================== if $POSTmode == "1" or $GETmode == "1" include "config.php"; else include...

TestDirector (TD) for Mercury Quality Center SPIDERLib.Loader ActiveX Control (Spider90.ocx) ProgColor Property Overflow (2)

The remote host is running Mercury Quality Center, a web-based solution for automatic software testing. The version of Quality Center installed on the remote host hosts an ActiveX control affected by a buffer overflow vulnerability and will serve up a copy of that control if a connecting client...