The first issue is due to an input validation error in the 'print/print.php' script that does not validate the 'ide' parameter, which could be exploited by remote attackers to include local files with the privileges of the web server. The second flaw is due to an input validation error in the 'article.php' script that does not validate the 'ide' parameter, which could be exploited by attackers to include remote or local files and execute arbitrary commands with the privileges of the web server.
A vulnerability in KnowledgeBuilder.v2.2.PHP.NULL-WDYL allows remote attackers to include arbitrary files via a URL in the visEdit_root parameter to e_data/visEdit_control.class.php.
Magic News Pro version 1.0.3 is vulnerable to a remote file inclusion vulnerability. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'script_path' parameter in the 'news_page.php' script. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system by sending a specially crafted HTTP request containing a malicious URL in the 'script_path' parameter.
The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'icerikno' parameter to the '/icerik.asp' script. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow an attacker to gain access to the application with administrative privileges.
A vulnerability in Shadowed Portal 5.599 allows an attacker to include a remote file via the 'root' parameter in the bottom.php script. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request containing an arbitrary file from a remote host.
Buffer overflow in the Strcmp function in the XKEYBOARD extension in X Window System X11R6.4 and earlier, as used in SCO UnixWare 7.1.3 and Sun Solaris 8 through 10, allows local users to gain privileges via a long _XKB_CHARSET environment variable value.
A remote file inclusion vulnerability was found in Downstat 1.8, a web-based download counter. The vulnerability exists due to insufficient sanitization of user-supplied input to the 'art' parameter in the 'chart.php', 'modes.php' and 'stats.php' scripts. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system by sending a specially crafted HTTP request containing a malicious URL in the 'art' parameter. This can be used to gain access to the vulnerable system and execute arbitrary commands with the privileges of the web server process.
Quicksilver Forums versions 1.2.0 and 1.2.1 are vulnerable to a remote file inclusion vulnerability due to a lack of sanitization of user input. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable server, which will then include and execute the malicious file.
This module exploits a stack overflow in the NetApi32.dll of Windows Server 2003 SP0. This exploit is based on the MS06-040 exploit by HD Moore.
Signkorn Guestbook version 1.3 and all earlier versions are vulnerable to a remote file inclusion vulnerability. The vulnerable code is located in the includes/log.inc.php file. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing a malicious URL in the dir_path parameter. This can allow an attacker to execute arbitrary code on the vulnerable system.