language lang english lang activityphp software vulnerabilities
vulnerabilities.aspcode.net
Searching language lang english lang activityphp software vulnerabilities
Multiple PHP remote file inclusion vulnerabilit
vulnerabilities
|
ezContents
|
inclusion
|
Multiple
|
remote
|
file
|
PHP
|
Multiple PHP remote file inclusion vulnerabilities in ezContents 2.0.2 and earlier allow remote attackers to execute arbitrary PHP code from a remote web server, as demonstrated using (1) the GLOBALS[rootdp] parameter to db.php, or (2) the GLOBALS[language_home] parameter to archivednews.php, and a malicious version of lang_admin.php.
Skype 0.92.0.12 and 1.0.0.1 for Linux, and poss
Skype
|
Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks.
error.php in Error Manager 2.1 for PHP-Nuke 6.0
information
|
sensitive
|
attackers
|
PHP-Nuke
|
errorphp
|
invalid
|
Manager
|
obtain
|
allows
|
remote
|
Error
|
via
|
error.php in Error Manager 2.1 for PHP-Nuke 6.0 allows remote attackers to obtain sensitive information via an invalid (1) language, (2) newlang, or (3) lang parameter, which leaks the pathname in a PHP error message.
Directory traversal vulnerability in phpMyFAQ 1
vulnerability
|
traversal
|
Directory
|
phpMyFAQ
|
Directory traversal vulnerability in phpMyFAQ 1.4.0 alpha allows remote attackers to read arbitrary files, and possibly execute local PHP files, via .. sequences in the lang (language) variable.
Gattaca Server 2003 1.1.10.0 allows remote atta
Gattaca
|
Server
|
Gattaca Server 2003 1.1.10.0 allows remote attackers to cause a denial of service (CPU consumption) via directory specifiers in the LANGUAGE parameter to (1) index.tmpl and (2) web.tmpl, such as (a) slash "/", (b) backslash "\", (c) dot ".",, (d) dot dot "..", and (e) internal slash "lang//en".
PHP-Nuke 7.6 and earlier allows remote attacker
information
|
sensitive
|
attackers
|
PHP-Nuke
|
earlier
|
request
|
direct
|
remote
|
allows
|
obtain
|
via
|
PHP-Nuke 7.6 and earlier allows remote attackers to obtain sensitive information via a direct request to (1) ipban.php, (2) db.php, (3) lang-norwegian.php, (4) lang-indonesian.php, (5) lang-greek.php, (6) a request to Web_Links with the portuguese language (lang-portuguese.php), (7) a request to Web_Links with the indonesian language (lang-indonesian.php), (8) a request to the survey module with the indonesian language (lang-indonesian.php), (9) a request to the Reviews module with the portuguese language, or (10) a request to the Journal module with the portuguese language, which reveal the path in an error message.
PHP remote file include vulnerability in IceWar
vulnerability
|
include
|
IceWarp
|
remote
|
Mail
|
file
|
Web
|
PHP
|
PHP remote file include vulnerability in IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, when register_globals is enabled, allows remote attackers to include arbitrary local and remote PHP files via a URL in the (1) lang_settings and (2) language parameters in (a) accounts/inc/include.php and (b) admin/inc/include.php.
IceWarp Web Mail 5.5.1, as used by Merak Mail S
IceWarp
|
Mail
|
Web
|
IceWarp Web Mail 5.5.1, as used by Merak Mail Server 8.3.0r and VisNetic Mail Server version 8.3.0 build 1, does not properly restrict acceptable values for the language parameter to mail/settings.html before it is stored in a database, which can allow remote authenticated users to include arbitrary PHP code via a URL in a modified lang_settings parameter to mail/index.html.
Directory traversal vulnerability in tiny_mce_g
tiny_mce_gzipphp
|
vulnerability
|
Compressor
|
Directory
|
traversal
|
TinyMCE
|
before
|
PHP
|
Directory traversal vulnerability in tiny_mce_gzip.php in TinyMCE Compressor PHP before 1.06 allows remote attackers to read or include arbitrary files via a trailing null byte (%00) in the (1) theme, (2) language, (3) plugins, or (4) lang parameter.
Multiple directory traversal vulnerabilities in
vulnerabilities
|
attackers
|
arbitrary
|
directory
|
traversal
|
Multiple
|
include
|
Webmail
|
remote
|
files
|
allow
|
NOCC
|
via
|
Multiple directory traversal vulnerabilities in NOCC Webmail 1.0 allow remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing NULL (%00) byte in (1) the _SESSION['nocc_theme'] parameter in (a) html/footer.php; and (2) the lang and (3) theme parameters and the (4) Accept-Language HTTP header field, when force_default_lang is disabled, in (b) index.php, as demonstrated by injecting PHP code into a profile and accessing it using the lang parameter in index.php.
Directory traversal vulnerability in scan_lang_
scan_lang_insertphp
|
Herbiniere-Seve
|
vulnerability
|
Directory
|
traversal
|
Boris
|
SPiD
|
Directory traversal vulnerability in scan_lang_insert.php in Boris Herbiniere-Seve SPiD 1.3.1 allows remote attackers to read arbitrary files via the lang parameter.
PHP remote file inclusion vulnerability in lang
language/lang_english/lang_activityphp
|
vulnerability
|
inclusion
|
Activity
|
remote
|
file
|
Plus
|
MOD
|
PHP
|
PHP remote file inclusion vulnerability in language/lang_english/lang_activity.php in Activity MOD Plus (Amod) 1.1.0, as used with phpBB when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: This is a similar vulnerability to CVE-2006-2507.
PHP remote file inclusion vulnerability in temp
templates/pb/language/lang_nlphp
|
vulnerability
|
inclusion
|
PBLang
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in templates/pb/language/lang_nl.php in PBLang (PBL) 4.66z and earlier allows remote attackers to execute arbitrary PHP code via a URL in the temppath parameter.
PHP remote file inclusion vulnerability in lang
language/lang_french/lang_prillian_faqphp
|
vulnerability
|
inclusion
|
Prillian
|
French
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in language/lang_french/lang_prillian_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
PHP remote file inclusion vulnerability in lang
language/lang/lang_contact_faqphp
|
vulnerability
|
inclusion
|
Prillian
|
French
|
remote
|
file
|
PHP
|
PHP remote file inclusion vulnerability in language/lang/lang_contact_faq.php in the Prillian French 0.8.0 and earlier module for phpBB allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
PHP remote file inclusion vulnerability in lang
language/lang_english/lang_adminphp
|
vulnerability
|
inclusion
|
remote
|
Links
|
file
|
Web
|
PHP
|
PHP remote file inclusion vulnerability in language/lang_english/lang_admin.php in the Web Links (mx_links) 2.05 and earlier module for mxBB allows remote attackers to execute arbitrary PHP code via a URL in the mx_root_path parameter.
Cross-site scripting (XSS) vulnerability in fra
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in framework/NLS/NLS.php in Horde Framework before 3.1.4 RC1, when the login page contains a language selection box, allows remote attackers to inject arbitrary web script or HTML via the new_lang parameter to login.php.
Multiple directory traversal vulnerabilities in
vulnerabilities
|
RicarGBooK
|
headerphp
|
directory
|
traversal
|
Multiple
|
Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in (1) a lang cookie or (2) the language parameter.
Directory traversal vulnerability in Yet anothe
vulnerability
|
Directory
|
traversal
|
Bulletin
|
another
|
Board
|
Yet
|
Directory traversal vulnerability in Yet another Bulletin Board (YaBB) 2.1 and earlier allows remote authenticated users to execute arbitrary Perl code via a .. (dot dot) in the userlanguage profile setting, which sets the userlanguage key of the member hash, and is propagated to the language variable in (1) HelpCentre.pl and (2) ICQPager.pl, (3) the use_lang variable in Subs.pl, and the actlang variable in (4) Post.pl and (5) InstantMessage.pl; as demonstrated by pointing userlanguage to the English folder, modifying English/HelpCentre.lng file to contain Perl statements, and then invoking the help action in YaBB.pl.
PHP remote file inclusion vulnerability in lang
language/lang_german/lang_main_albumphp
|
vulnerability
|
inclusion
|
remote
|
phpBB
|
Plus
|
file
|
PHP
|
PHP remote file inclusion vulnerability in language/lang_german/lang_main_album.php in phpBB Plus 1.53, and 1.53a before Saturday, September 22, 2007, allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter.
Software vulnerabilities results 1 to 20 of 278
Page:
1
2
3
4
5
...
14
►