261 matches found
LCDS LAquis SCADA Path Traversal Vulnerability
LCDS LAquis SCADA is a SCADA Data Acquisition and Supervisory Control system from the Brazilian company LCDS. The system is mainly used for data acquisition and process control of equipment with communication technology. A path traversal vulnerability in LCDS LAquis SCADA version 4.1.0.3870, whic...
CVE-2018-9110
Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...
CVE-2018-9110
Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...
CVE-2018-9110
Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. NOTE: this issue...
Directory traversal
Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process...
Novell ZENworks Reporting Appliance Directory Traversal Arbitrary File Creation Vulnerability
This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of Novell ZENworks Reporting Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the FCExporter servlet. The process does not properly validate a...
Wordpress Plugin Mobile App Native Remote File Upload Vulnerability
WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A remote file upload vulnerability exists in the Wordpress plugin Mobile App Native. Because the application fails to...
Holding Pattern Theme <= 0.6 - Arbitrary File Upload
An attacker can exploit this vulnerability to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or privilege escalation. Disclosure timeline: 2015-01-14 Vendor Alerted via email. 2015-01-14 Fix Requested via email. 2015-01-14...
VoipSwitch - user.php Local File Inclusion
VoipSwitch - user.php Local File Inclusion source: https://www.securityfocus.com/bid/69109/info VoipSwitch is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scrip...
ezUpload 2.2 form.php path Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues ...
Athena PHP Website Administration 0.1 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/15574/info Athena PHP Website Administration is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit this issue ...
Ariadne CMS 2.4 - Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13206/info A remote file include vulnerability affects Ariadne CMS. This issue is due to a failure of the application to validate critical parameters before using them in a 'requireonce' function call. An attacker may...
RaXnet Cacti 0.5/0.6/0.8 Top_Graph_Header.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14030/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'topgraphheader.php'...
MySource 2.14 Span.php PEAR_PATH Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...
PHPMyFAQ 1.5.1 - Local File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14929/info PHPMyFAQ is prone to a local file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...
YaPiG 0.9x Remote and Local File Include Vulnerabilities
No description provided by source. source: http://www.securityfocus.com/bid/13874/info YaPiG is affected by remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage these issues to execut...
MySource 2.14 mimeDecode.php PEAR_PATH Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...
MySource 2.14 Mail.php PEAR_PATH Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/15133/info MySource is prone to multiple remote and local file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these...
SaveWebPortal 3.4 Unauthorized Access Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14639/info SaveWebPortal is prone to an unauthorized access vulnerability. This issue is due to a failure in the application to limit access to administrative scripts. An attacker may leverage this issue to execute...
Popper Webmail 1.41 ChildWindow.Inc.PHP Remote File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/13851/info Popper is affected by a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...