261 matches found
YingZhiPython - Directory Traversal / Arbitrary File Upload
source: https://www.securityfocus.com/bid/55685/info An attacker can exploit these issues to obtain sensitive information, to upload arbitrary code, and to run it in the context of the web server process. YingZhiPython 1.9 is vulnerable; other versions may also be affected...
WordPress Plugin Cloudsafe365 - file Remote File Disclosure
WordPress Plugin Cloudsafe365 - file Remote File Disclosure source: https://www.securityfocus.com/bid/55241/info The Cloudsafe365 plugin for WordPress is prone to a file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability ...
PHP Web Scripts Text Exchange Pro - page Local File Inclusion
PHP Web Scripts Text Exchange Pro - page Local File Inclusion source: https://www.securityfocus.com/bid/55205/info PHP Web Scripts Text Exchange Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this...
PHP Web Scripts Text Exchange Pro - 'page' Local File Inclusion
source: https://www.securityfocus.com/bid/55205/info PHP Web Scripts Text Exchange Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of...
PHP Web Scripts Ad Manager Pro - 'page' Local File Inclusion
source: https://www.securityfocus.com/bid/55189/info PHP Web Scripts Ad Manager Pro is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of th...
WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload
WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload source: https://www.securityfocus.com/bid/55175/info The Monsters Editor for the WP Super Edit plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the...
Joomla! Component CiviCRM - Multiple Arbitrary File Upload Vulnerabilities
source: https://www.securityfocus.com/bid/55166/info The CiviCRM component for Joomla! is prone to multiple arbitrary file-upload vulnerabilities that allows attackers to upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit these...
WordPress Plugin Monsters Editor for WP Super Edit - Arbitrary File Upload
source: https://www.securityfocus.com/bid/55175/info The Monsters Editor for the WP Super Edit plugin for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can...
Vtiger CRM LFI Vulnerability (Aug 2012) - Active Check
Vtiger CRM is prone to a local file include LFI vulnerability because it fails to properly sanitize user-supplied input. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
Elastix 2.2.0 - graph.php Local File Inclusion
Elastix 2.2.0 - graph.php Local File Inclusion source: https://www.securityfocus.com/bid/55078/info Elastix is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts ...
Elastix 2.2.0 - 'graph.php' Local File Inclusion
source: https://www.securityfocus.com/bid/55078/info Elastix is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process. This...
Getsimple CMS 3.1.2 - 'path' Local File Inclusion
source: https://www.securityfocus.com/bid/54866/info GetSimple is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitrary local scripts in...
phpProfiles - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/54660/info phpProfiles is prone to multiple security vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these vulnerabilities could allow an attacker to execute malicious code within the context of the web server...
WordPress Plugin Generic - Arbitrary File Upload
source: https://www.securityfocus.com/bid/54440/info The Generic Plugin for WordPress is prone to an arbitrary-file-upload vulnerability. An attacker can exploit this issue to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or...
Getsimple CMS Items Manager Plugin - PHP.php Arbitrary File Upload
Getsimple CMS Items Manager Plugin - PHP.php Arbitrary File Upload source: https://www.securityfocus.com/bid/54255/info Items Manager Plugin for GetSimple CMS is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately...
Getsimple CMS Items Manager Plugin - 'PHP.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/54255/info Items Manager Plugin for GetSimple CMS is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability...
JAKCMS PRO 2.2.6 - uploader.php Arbitrary File Upload
JAKCMS PRO 2.2.6 - uploader.php Arbitrary File Upload source: https://www.securityfocus.com/bid/54238/info JAKCMS PRO is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can...
PHP-Fusion Advanced MP3 Player Infusion - 'upload.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/54228/info PHP-Fusion Advanced MP3 Player Infusion is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerabilit...
DigPHP - dig.php Script Remote File Disclosure
DigPHP - dig.php Script Remote File Disclosure source: https://www.securityfocus.com/bid/54207/info DigPHP is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view local files in the context of...
DigPHP - 'dig.php' Script Remote File Disclosure
source: https://www.securityfocus.com/bid/54207/info DigPHP is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view local files in the context of the web server process, which may aid in furth...