261 matches found
Joomla! Component com_simpleswfupload - 'uploadhandler.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/53968/info The Simple SWFUpload component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload...
Joomla! Component Easy Flash Uploader - 'helper.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/53977/info The Easy Flash Uploader component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload...
WordPress HTML5 AV Manager Plugin 'custom.php' Arbitrary File Upload Vulnerability
WordPress HTML5 AV Manager Plugin is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Foxypress Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
WordPress Foxypress Plugin is prone to a file upload vulnerability.
WordPress Plugin VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/53851/info The VideoWhisper Video Presentation plug-in for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit...
WordPress Gallery Plugin 3.06 - Arbitrary File Upload
WordPress Gallery plugin is prone to an arbitrary file upload vulnerability. Access to this script is not properly restricted, so an attacker can upload files containing malicious PHP code and run it in the context of the web server process. Other attacks are also possible...
WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload
Font Uploader plugin is prone to an arbitrary file upload vulnerability. Access to this script is not properly restricted, so an attacker can upload files containing malicious PHP code and run it in the context of the web server process. Other attacks are also possible...
TomatoCart 1.2.0 Alpha 2 - 'json.php' Local File Inclusion
source: https://www.securityfocus.com/bid/52766/info TomatoCart is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scrip...
OpenEMR 4.1 - '/Interface/fax/fax_dispatch.php?File' exec() Call Arbitrary Shell Command Execution
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker...
OpenEMR 4.1 - '/contrib/acog/print_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit...
OpenEMR 4.1 - '/contrib/acog/print_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the us...
OpenEMR 4.1 - '/Interface/patient_file/encounter/load_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the us...
OpenEMR 4.1 - '/Interface/patient_file/encounter/trend_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the us...
MyNews 1.2 'basepath' Parameter Multiple Remote File Include Vulnerabilities
MyNews 1.2 is prone to multiple remote file-include vulnerabilities because the application fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive information or to execute arbitrary script code in the context of the Web server...
StarDevelop LiveHelp 2.0 - index.php Local File Inclusion
source: https://www.securityfocus.com/bid/49650/info StarDevelop LiveHelp is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to obtain...
AR Web Content Manager <= 2.2 Multiple Directory Traversal Vulnerabilities - Active Check
AR Web Content Manager (AWCM) is prone to multiple directory traversal vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Simple PHP Blog 0.5.1 - Local File Inclusion
Simple PHP Blog is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in the context of the webserver process. This may...
nginx HTTP Request Header Remote Buffer Overflow
Free Articles Directory Remote File Inclusion Vulnerability
The remote web server contains a PHP application that is affected by a remote file include vulnerability. Description: The remote host is running Free Articles Directory, a CMS written in PHP. The installed version of Free Articles Directory fails to sanitize user input to the 'page' parameter i...
Ultimate PHP Board chat/login.php username Parameter Script Injection