1297 matches found
osCommerce 2.2 - update.php Information Disclosure
osCommerce 2.2 - update.php Information Disclosure source: https://www.securityfocus.com/bid/14294/info osCommerce is prone to an information-disclosure vulnerability. An attacker could exploit this vulnerability to display the contents of any file normally readable by the webserver process...
osTicket 1.21.3 - view.php?inc Arbitrary Local File Inclusion
osTicket 1.21.3 - view.php?inc Arbitrary Local File Inclusion source: https://www.securityfocus.com/bid/14127/info osTicket is affected by multiple input-validation vulnerabilities because the application fails to sufficiently sanitize user-supplied data. The following specific issues were...
PHP-Nuke 7.x - Multiple Remote File Inclusions
PHP-Nuke 7.x - Multiple Remote File Inclusions source: https://www.securityfocus.com/bid/18186/info PHP-Nuke is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issue...
PHP-Nuke 7.x - Multiple Remote File Inclusions
source: https://www.securityfocus.com/bid/18186/info PHP-Nuke is prone to multiple remote file-include vulnerabilities. These issues are due to a failure in the application to properly sanitize user-supplied input. An attacker can exploit these issues to include arbitrary remote files containing...
PHP Poll Creator 1.0.1 - Poll_Vote.php Remote File Inclusion
PHP Poll Creator 1.0.1 - PollVote.php Remote File Inclusion source: https://www.securityfocus.com/bid/13760/info PHP Poll Creator is affected by a remote file-include vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to execu...
CzarNews 1.13/1.14 - 'headlines.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/12857/info CzarNews is prone to a remote file-include vulnerability. An attacker may leverage this issue to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate unauthorized...
PHPOpenChat 2.3.4/3.0.1 - 'ENGLISH_poc.php' Remote File Inclusion
source: https://www.securityfocus.com/bid/12817/info PHPOpenChat is prone to multiple remote file-include vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code on an affected computer with the privileges of the webserver process. This may facilitate...
PHPOpenChat 2.3.43.0.1 - poc_loginform.php?phpbb_root_path Remote File Inclusion
PHPOpenChat 2.3.43.0.1 - pocloginform.php?phpbbrootpath Remote File Inclusion source: https://www.securityfocus.com/bid/12817/info PHPOpenChat is prone to multiple remote file-include vulnerabilities. An attacker may leverage these issues to execute arbitrary server-side script code on an affecte...
DotBr 0.1 - Exec.php3 Remote Command Execution
DotBr 0.1 - Exec.php3 Remote Command Execution source: https://www.securityfocus.com/bid/6867/info The DotBr 'exec.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary...
DotBr 0.1 - 'System.php3' Remote Command Execution
source: https://www.securityfocus.com/bid/6866/info The DotBr 'system.php3' script is prone to a remote command execution vulnerability. This is due to insufficient sanitization of user-supplied data. Exploitation may result in execution of arbitrary shell commands with the privileges of the...
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (1)
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution 1 source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a resul...
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution (2)
Psunami Bulletin Board 0.x - Psunami.cgi Remote Command Execution 2 source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a resul...
Psunami Bulletin Board 0.x - 'Psunami.cgi' Remote Command Execution (2)
source: https://www.securityfocus.com/bid/6607/info Psunami Bulletin Board is prone to a remote command execution vulnerability. Psunami does not sufficiently sanitize shell metacharacters from query string parameters. As a result, it may be possible for a remote attacker to execute arbitrary...
Super Site Searcher - Remote Command Execution
Super Site Searcher - Remote Command Execution source: https://www.securityfocus.com/bid/5605/info Super Site Searcher is prone to remote command execution. Shell metacharacters are not adequately filtered from query string parameters in a request to the vulnerable search engine script. The...
Super Site Searcher - Remote Command Execution
source: https://www.securityfocus.com/bid/5605/info Super Site Searcher is prone to remote command execution. Shell metacharacters are not adequately filtered from query string parameters in a request to the vulnerable search engine script. The parameters are then used in a function which passes...
Free Online Dictionary of Computing 1.0 - Remote File Viewing
source: https://www.securityfocus.com/bid/2484/info A vulnerability exists in a CGI script called "The Free Online Dictionary of Computing". Due to a failure to properly validate user supplied input, a remote attacker can compose and submit requests for files readable by the webserver, as well as...
NCSA HTTPd 1.x - Remote Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/3158/info NCSA HTTPd is a free, open-source web server for nix systems. NCSA HTTPd versions 1.3 and earlier are prone to an exploitable buffer overflowin the username field which will allow malicious remote users to execute arbitrary code with the...