Kolang is a php script that can be leveraged in local and remote file inclusion attacks and performs safe mode bypass for PHP versions 4.3.10 through 5.3.10.
1b47a4a61c61f8fa62d201ad330d696103dcc72feab90a35d2506dc2474db0bdThe PHP GD library suffers from an imageRotate() function information leak vulnerability.
63a4f23ebaa22d5f4bb47dced105c74b50d8a00ff26e6126ba04d1a32f614feaMultiple buffer overflow vulnerabilities exist in xrdp which can be leveraged to execute arbitrary code.
235bde3ffb2ceda2dd4e2446d9a9d3edfff15c68d5a1537f91dd6533c0e60e65The Pi3Web ISAPI interface suffers from a denial of service vulnerability that causes the server to crash. Versions 2.0.13 and below are affected.
28ae7b680667cd7af13babc98bd853018075234dc064ab260fbba2178f775bfeMiniWeb version 0.8.19 suffers from directory traversal and heap overflow vulnerabilities. Exploitation details provided.
5799c6c5fc79d425ac6b418209397eb7731bd51687ee3c4949324fea94c6634cT1Lib suffers from a buffer overflow vulnerability.
e458426df992d1f944cf9b6219df3579a54b0f39470b76d5edfd2a6896d69c2fExponent CMS versions 0.96.6-Alpha and below are susceptible to directory traversal and cross site scripting vulnerabilities.
17f716bb93f1e5ef81a35128ed41f1721f93664be0394948c0e91f3db10fc013Acubix PicoZip version 4.02 suffers from a directory traversal vulnerability.
54755ccc748b1fae93071278d8335794f0f9a535cfeb624a7800403f01adec2bReally Simple PHP and Ajax, or RSPA, is susceptible to a remote file inclusion vulnerability. Version RSPA-2007-03-23 is susceptible.
4ca08ebadbed9149443b4f1921f77f9fb3ed0057795a03b0dad4f02d9087b531ZPanel suffers from a remote file inclusion vulnerability.
4a39bf3c9c6b6df1e3441f7a0ffee9ceaada3bbdfb746c94cc410f462ed867b6phpTrafficA version 1.4.1 is susceptible to a local file inclusion vulnerability.
c827b707796dd41d1881da032e4f9795fe1176fa2625f3f6eb0b81e46293e1ccStud.IP versions 1.3.0-2 and below are susceptible to multiple remote file inclusion vulnerabilities.
dcc124a35d4b99a6c8ba47e6f00b65eefcd21b0a638a25a17b75b0cffbd7f6e0Plume CMS version 1.1.3 is susceptible to a remote file inclusion vulnerability.
dae5c339067cfd24b72b48787bf954e9f3d5ca9ffd2b1a167d8304c675e34904BitZipper versions 4.1.2 and below suffer from a directory traversal flaw.
5085d6ce7a9fc220e12d8ddabf8d1dc1f263c916e03c00da92427051048ff5f4PluggedOut Nexus version 0.1 is susceptible to SQL injection attacks.
7f3f97071e828f1c8efdfa0b4ef466a5b482f62c538ced608f1d06e96d2e5818SpeedCommander version 11.0, ZipStar version 5.1, and Squeez version 5.1 all suffer from directory traversal vulnerabilities when processing malicious JAR and ZIP files.
bb515a90987a52b0bcf6be0d1ee106843efd253c6e4dd84acebf0dd2ddc1b8cdThe StuffIt and ZipMagic family of products are susceptible to directory traversal attacks when fed malicious ZIP or TAR files.
c215ce4b2050fda487a6104a94326d192aa07123f49c0b623e011bedb6bebc27WinAce Archiver versions 2.6 and below are susceptible to a directory traversal attack when fed a malicious RAR or TAR file.
ac1620c545b765e381ee1711f9bad0b294b6f1193c8e749431f4df0125cbca8bArchive_Zipr is susceptible to a directory traversal attack when fed a malicious ZIP file. Version 1.1 has been found vulnerable.
280500752b6fde37f790414e1ab015b3a73d55ec4a39e136d19dc4b299d57e9aFarsiNews versions 2.5 and below suffer from various local file inclusion and direct file access flaws.
b7aad0c8649aa284cee3be6cf8470a1dcae12846a409aea7e3a1ab8f077f4dd5FarsiNews versions 2.1 and below suffer from a remote file inclusion vulnerability.
e9800eaa837cbd442672ad2b872cf44b2c12293f5ddbf626a03e504a00c77d98
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed