A remote include vulnerability exists in Mambo com_cropimage 1.0 Component. This issue is due to a failure in the application to properly sanitize user-supplied input passed via HTTP GET requests to the 'cropimagedir' parameter of the 'admin.cropcanvas.php' script. This may allow a remote attacker to include arbitrary files from remote hosts resulting in arbitrary code execution within the context of the webserver process.
Sonium Enterprise Adressbook Version 0.2 is vulnerable to Remote File Inclusion due to improper sanitization of the $folder variable. This can lead to Remote File Execution.
Kochsuite v0.9.4 is vulnerable to a Remote File Inclusion vulnerability. This vulnerability is caused due to the lack of proper input validation in the 'config.kochsuite.php' script. An attacker can exploit this vulnerability by sending a malicious URL to the vulnerable script. This will allow the attacker to execute arbitrary code on the vulnerable system.
Link Directory is a component to publish links. A remote file inclusion vulnerability exists in the toolbar.linkdirectory.html.php file of Link Directory version 1.0.3 and earlier. An attacker can exploit this vulnerability to execute arbitrary PHP code on the vulnerable system by sending a specially crafted HTTP request containing a malicious URL in the mosConfig_absolute_path parameter.
MamboWiki is vulnerable to a Remote File Inclusion vulnerability. This vulnerability is due to a failure in the application to properly sanitize user-supplied input to the 'IP' parameter in 'MamboLogin.php'. An attacker can exploit this vulnerability to include arbitrary remote files, allowing for the execution of arbitrary PHP code.
A remote file include vulnerability exists in phpCodeGenie version 3.0.2 and prior. The vulnerability is due to the BEAUT_PATH parameter in the Core.php script not being properly sanitized before being used in an include_once() function call. This can be exploited to include arbitrary files from remote hosts.
PHlyMail Lite version 3.4.4 (Build 3.04.04) is vulnerable to a remote file include vulnerability. This vulnerability exists due to insufficient sanitization of user-supplied input in the 'handler' parameter of the 'mod.listmail.php' script. An attacker can exploit this vulnerability to include arbitrary remote files and execute arbitrary code on the vulnerable system.
Artlinks v1.0 Beta 4 is vulnerable to a Remote File Inclusion vulnerability. This vulnerability is due to a failure in the application to properly sanitize user-supplied input to the 'mosConfig_absolute_path' parameter in 'artlinks.dispnew.php'. An attacker can exploit this vulnerability to include arbitrary files from remote hosts and execute arbitrary code on the vulnerable system.
This vulnerability is caused by a buffer overflow in the Macromedia Flash 9 (IE Plugin). When a maliciously crafted web page is opened, it causes a crash due to the overflow of the buffer. This vulnerability is unpatched and can be exploited by a malicious attacker.
Mambo a6mambocredits component v1.0.0 is vulnerable to a remote file inclusion vulnerability. This vulnerability is due to the 'mosConfig_live_site' parameter in the 'admin.a6mambocredits.php' script not properly sanitized before being used to include files. This can be exploited to include arbitrary files from remote hosts and execute arbitrary PHP code.
Services By CQR