referring software vulnerabilities
vulnerabilities.aspcode.net
Searching referring software vulnerabilities
** DISPUTED ** NOTE: the vendor has disputed t
DISPUTED
|
** DISPUTED ** NOTE: the vendor has disputed this issue. Cross-site scripting (XSS) vulnerability in lemoon 2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified search parameters, possibly the q parameter. NOTE: the vendor has disputed this issue, saying "Sites are built on top of ASP.NET and you use lemoon core objects to easily manage and render content. The XSS vuln. you are referring to exists in one of our public sites built on lemoon i.e. a custom made site (as all sites are). The problem exists in a UserControl that handles form input and is in no way related to the lemoon core product."
** DISPUTED ** PHP remote file inclusion vulne
vulnerability
|
inclusion
|
commonphp
|
arbitrary
|
parameter
|
attackers
|
DISPUTED
|
execute
|
db_file
|
remote
|
allows
|
Photo
|
Album
|
file
|
code
|
PHP
|
via
|
URL
|
** DISPUTED ** PHP remote file inclusion vulnerability in common.php in PHP Photo Album allows remote attackers to execute arbitrary PHP code via a URL in the db_file parameter. NOTE: CVE disputes this vulnerability, because versions 0.3.2.6 and 0.4.1beta do not contain this file. However, it is possible that the original researcher was referring to a different product.
The readfile function in PHP 4.4.4, 5.1.6, and
function
|
readfile
|
PHP
|
The readfile function in PHP 4.4.4, 5.1.6, and 5.2.1 allows context-dependent attackers to bypass safe_mode restrictions and read arbitrary files by referring to local files with a certain URL syntax instead of a pathname syntax, as demonstrated by a filename preceded a "php://../../" sequence.
Software vulnerabilities results 1 to 4 of 4
Page:
1