EUVD-2002-2137

Malware in sbrugna...

CVE-2002-2158

zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an invalid ticket ID, which leaks the path in an error message...

zenTrack index.php configFile Parameter Traversal Arbitrary Files Access

It is possible to make the remote web server show the content of arbitrary files by making requests like : index.php?configFile=../../../../../../../../../../etc/passwd %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Subject: Re: zenTrack Remote Command Execution Vulnerabilities From:...

Zentrack 2.22.32.4 - index.php Remote File Inclusion

Zentrack 2.22.32.4 - index.php Remote File Inclusion source: https://www.securityfocus.com/bid/7843/info A remote file include vulnerability has been reported for Zentrack. Due to insufficient sanitization of some user-supplied variables by the 'index.php' script, it is possible for a remote...

zenTrack index.php Multiple Parameter Remote File Inclusion

It is possible to make the remote host include php files hosted on a third-party server using the version of zenTrack installed on the remote host. An attacker may use this flaw to inject arbitrary code and to gain a shell with the privileges of the web server on the affected host. %NASLMINLEVEL...

CVE-2002-2158

zenTrack 2.0.3 and earlier allows remote attackers to obtain the full path to the web root via an invalid ticket ID, which leaks the path in an error message...

[ARL02-A14] ZenTrack System Information Path Disclosure Vulnerability

+/---------------- ALPER Research Labs ------/--------/+ +/---------------- Security Advisory -----/---------/+ +/---------------- ID: ARL02-A14 ----/----------/+ +/---------------- [email protected] ---/-----------/+ Advisory Information -------------------- Name : ZenTrack System Information...