• Skip to main content
  • Skip to footer

Audit My PC - Free Internet Security Audit

Firewall Test and web tools to check your security and privacy

  • Firewall Test
  • Anti Spam
  • Internet Speed Test
  • Sitemap Generator
  • Whats My IP

Advanced Poll /admin/index.php Traversal Arbitrary Local File Inclusion

Network Security News – Monday, May 08, 2006 Events

Advanced Poll /admin/index.php Traversal Arbitrary Local File Inclusion

Advanced Poll contains a flaw that allows a remote attacker to access or include arbitrary files outside of the web path. The issue is due to the /admin/index.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'base_path' and 'pollvars[lang]' variables. This would allow an attacker to access arbitrary files such as /etc/passwd or include local files which could contain arbitrary PHP code that would be executed with the privileges of the web server.. Read more at osvdb.org/25173

Advanced Poll common.inc.php base_path Variable Remote File Inclusion

Advanced Poll contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to common.inc.php not properly sanitizing user input supplied to the 'base_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25172

Advanced Poll png.php include_path Variable Remote File Inclusion

Advanced Poll contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to png.php not properly sanitizing user input supplied to the 'include_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25169

Advanced Poll poll_ssi.php include_path Variable Remote File Inclusion

Advanced Poll contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to poll_ssi.php not properly sanitizing user input supplied to the 'include_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25170

Advanced Poll popup.php include_path Variable Remote File Inclusion

Advanced Poll contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to popup.php not properly sanitizing user input supplied to the 'include_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/25171

Advanced Poll booth.php include_path Variable Remote File Inclusion

Advanced Poll contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to booth.php not properly sanitizing user input supplied to the 'include_path' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.. Read more at osvdb.org/3291

Advanced Poll /admin/admin_tpl_new.php Traversal Arbitrary Local File Inclusion

Advanced Poll contains a flaw that allows a remote attacker to access or include arbitrary files outside of the web path. The issue is due to the /admin/admin_tpl_new.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'base_path' and 'pollvars[lang]' variables. This would allow an attacker to access arbitrary files such as /etc/passwd or include local files which could contain arbitrary PHP code that would be executed with the privileges of the web server.. Read more at osvdb.org/25174

Advanced Poll /admin/admin_tpl_misc_new.php Traversal Arbitrary Local File Inclusion

Advanced Poll contains a flaw that allows a remote attacker to access or include arbitrary files outside of the web path. The issue is due to the /admin/admin_tpl_misc_new.php not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'base_path' and 'pollvars[lang]' variables. This would allow an attacker to access arbitrary files such as /etc/passwd or include local files which could contain arbitrary PHP code that would be executed with the privileges of the web server.. Read more at osvdb.org/25175

Advanced Poll /admin/admin_templates_misc.php Traversal Arbitrary Local File Inclusion

Advanced Poll contains a flaw that allows a remote attacker to access or include arbitrary files outside of the web path. The issue is due to the /admin/admin_templates_misc.php not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'base_path' and 'pollvars[lang]' variables. This would allow an attacker to access arbitrary files such as /etc/passwd or include local files which could contain arbitrary PHP code that would be executed with the privileges of the web server.. Read more at osvdb.org/25176

Advanced Poll /admin/admin_templates.php Traversal Arbitrary Local File Inclusion

Advanced Poll contains a flaw that allows a remote attacker to access or include arbitrary files outside of the web path. The issue is due to the /admin/admin_templates.php script not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'base_path' and 'pollvars[lang]' variables. This would allow an attacker to access arbitrary files such as /etc/passwd or include local files which could contain arbitrary PHP code that would be executed with the privileges of the web server.. Read more at osvdb.org/25177

Vuln: Mozilla Firefox iframe.contentWindow.focus Deleted Object Reference Vulnerability

Mozilla Firefox iframe.contentWindow.focus Deleted Object Reference Vulnerability. Read more at securityfocus.com/bid/17671

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *

Footer

Miscellaneous

  • Free Address Finder
  • HTML Encoder Decoder
  • Website Monitoring
  • Whats My IP Address?
  • Yes or No

Copyright © 2001-2021 Audit My PC .com All Rights Reserved. Our Privacy Policy and TOS

  • About
  • Acronyms
  • DLL Files
  • Ports
  • Computer Security News
  • Email Scams & Spam
  • Internet Safety
  • Free Software