w-Agora index.php site Parameter Traversal Arbitrary File Access

The remote host is running w-agora, a web-based forum application written in PHP. The remote version of this software is prone to directory traversal attacks. A remote attacker could request a specially crafted URL to read arbitrary files on the remote system with the privileges of the web server...

Alkalay.Net (Multiple Scripts) - Remote Command Execution

Alkalay.Net Multiple Scripts - Remote Command Execution source: https://www.securityfocus.com/bid/14893/info Multiple Alkalay.net scripts are prone to arbitrary remote command execution vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input...

PHPTB Topic Board 2.0 - board_o.php?absolutepath Remote File Inclusion

PHPTB Topic Board 2.0 - boardo.php?absolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

PHPTB Topic Board 2.0 - tech_o.php?absolutepath Remote File Inclusion

PHPTB Topic Board 2.0 - techo.php?absolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

PHPTB Topic Board 2.0 - 'admin_o.php?absolutepath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side script...

PHPTB Topic Board 2.0 - 'tech_o.php?absolutepath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side script...

ezUpload 2.2 - initialize.php?path Remote File Inclusion

ezUpload 2.2 - initialize.php?path Remote File Inclusion source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

ezUpload 2.2 - customize.php?path Remote File Inclusion

ezUpload 2.2 - customize.php?path Remote File Inclusion source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...

ezUpload 2.2 - 'customize.php?path' Remote File Inclusion

source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side...

ezUpload 2.2 - 'form.php?path' Remote File Inclusion

source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side...

Atomic Photo Album 0.x/1.0 - 'Apa_PHPInclude.INC.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14368/info Atomic Photo Album is susceptible to a remote PHP file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary PHP code on an...

SAP Internet Graphics Server (IGS) Directory Traversal Vulnerability

The version of SAP Internet Graphics Server IGS installed on the remote host is affected by a directory traversal vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP GET request, to access arbitrary files on the remote host with the privileges of the...

Spid 1.3 - lang_path File Inclusion

Spid 1.3 - langpath File Inclusion source: https://www.securityfocus.com/bid/14208/info SPiD is a gallery management application written in PHP. SPiD is prone to a remote file include vulnerability, due to lack of validation of user input. An attacker may leverage this issue to execute arbitrary...

Jaws 0.x - Remote File Inclusion

Jaws 0.x - Remote File Inclusion source: https://www.securityfocus.com/bid/14158/info JAWS is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion

MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion source: https://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...

EasyPHPCalendar 6.1.56.2.x - header.inc.php?serverPath Remote File Inclusion

EasyPHPCalendar 6.1.56.2.x - header.inc.php?serverPath Remote File Inclusion source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

EasyPHPCalendar 6.1.5/6.2.x - 'datePicker.php?serverPath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-si...

EasyPHPCalendar 6.1.5/6.2.x - 'popup.php?serverPath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-si...

RaXnet Cacti 0.50.60.8 - Config_Settings.php Remote File Inclusion

RaXnet Cacti 0.50.60.8 - ConfigSettings.php Remote File Inclusion source: https://www.securityfocus.com/bid/14028/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script...

RaXnet Cacti 0.5/0.6/0.8 - 'Config_Settings.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14028/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'configsettings.php' script. An attacker may leverage...