w-Agora index.php site Parameter Traversal Arbitrary File Access

The remote host is running w-agora, a web-based forum application written in PHP. The remote version of this software is prone to directory traversal attacks. A remote attacker could request a specially crafted URL to read arbitrary files on the remote system with the privileges of the web server...

Alkalay.Net (Multiple Scripts) - Remote Command Execution

Alkalay.Net Multiple Scripts - Remote Command Execution source: https://www.securityfocus.com/bid/14893/info Multiple Alkalay.net scripts are prone to arbitrary remote command execution vulnerabilities. These issues are due to a failure in the applications to properly sanitize user-supplied input...

PHPTB Topic Board 2.0 - board_o.php?absolutepath Remote File Inclusion

PHPTB Topic Board 2.0 - boardo.php?absolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

PHPTB Topic Board 2.0 - tech_o.php?absolutepath Remote File Inclusion

PHPTB Topic Board 2.0 - techo.php?absolutepath Remote File Inclusion source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may...

PHPTB Topic Board 2.0 - 'admin_o.php?absolutepath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side script...

PHPTB Topic Board 2.0 - 'tech_o.php?absolutepath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14592/info PHPTB is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side script...

ezUpload 2.2 - customize.php?path Remote File Inclusion

ezUpload 2.2 - customize.php?path Remote File Inclusion source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverag...

ezUpload 2.2 - initialize.php?path Remote File Inclusion

ezUpload 2.2 - initialize.php?path Remote File Inclusion source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may levera...

ezUpload 2.2 - 'form.php?path' Remote File Inclusion

source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side...

ezUpload 2.2 - 'customize.php?path' Remote File Inclusion

source: https://www.securityfocus.com/bid/14534/info ezUpload is affected by multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-side...

SAP Internet Graphics Server (IGS) Directory Traversal Vulnerability

The version of SAP Internet Graphics Server IGS installed on the remote host is affected by a directory traversal vulnerability. An unauthenticated, remote attacker can exploit this, via a specially crafted HTTP GET request, to access arbitrary files on the remote host with the privileges of the...

Atomic Photo Album 0.x/1.0 - 'Apa_PHPInclude.INC.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14368/info Atomic Photo Album is susceptible to a remote PHP file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may exploit this issue to execute arbitrary PHP code on an...

Spid 1.3 - lang_path File Inclusion

Spid 1.3 - langpath File Inclusion source: https://www.securityfocus.com/bid/14208/info SPiD is a gallery management application written in PHP. SPiD is prone to a remote file include vulnerability, due to lack of validation of user input. An attacker may leverage this issue to execute arbitrary...

Jaws 0.x - Remote File Inclusion

Jaws 0.x - Remote File Inclusion source: https://www.securityfocus.com/bid/14158/info JAWS is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary...

MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion

MyGuestbook 0.6.1 - Form.Inc.php3 Remote File Inclusion source: https://www.securityfocus.com/bid/14155/info MyGuestbook is prone to a remote file include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue...

EasyPHPCalendar 6.1.56.2.x - header.inc.php?serverPath Remote File Inclusion

EasyPHPCalendar 6.1.56.2.x - header.inc.php?serverPath Remote File Inclusion source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input...

EasyPHPCalendar 6.1.5/6.2.x - 'popup.php?serverPath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-si...

EasyPHPCalendar 6.1.5/6.2.x - 'datePicker.php?serverPath' Remote File Inclusion

source: https://www.securityfocus.com/bid/14131/info EasyPHPCalendar is prone to multiple remote file include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage any of these issues to execute arbitrary server-si...

RaXnet Cacti 0.50.60.8 - Config_Settings.php Remote File Inclusion

RaXnet Cacti 0.50.60.8 - ConfigSettings.php Remote File Inclusion source: https://www.securityfocus.com/bid/14028/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script...

RaXnet Cacti 0.5/0.6/0.8 - 'Config_Settings.php' Remote File Inclusion

source: https://www.securityfocus.com/bid/14028/info RaXnet Cacti is prone to a remote file include vulnerability. The problem presents itself specifically when an attacker passes the location of a remote attacker-specified script through the 'configsettings.php' script. An attacker may leverage...