darksecurity.de | Entries tagged as lfi

Skip to content

Entries tagged as lfi

SSCHADV2011-034 - osCSS2 "_ID" parameter Local file inclusion

Posted by Stefan Schurtz on Tuesday, November 8. 2011

Advisory:	osCSS2 "_ID" parameter Local file inclusion
Advisory ID:	SSCHADV2011-034
Author:	Stefan Schurtz
Affected Software:	Successfully tested on osCSS2 2.1.0 (latest version)
Vendor URL:	http://oscss.org/
Vendor Status:	Fixed in svn branche 2.1.0 and reported in develop version 2.1.1
EDB-ID:	18099

======================
Vulnerability Description:
======================

osCSS2 2.1.0 "_ID" parameter is prone to a LFI vulnerability

Continue reading "SSCHADV2011-034 - osCSS2 "_ID" parameter Local file inclusion"

SSCHADV2011-012 - Multiple vulnerabilities in Zimplit CMS

Posted by on Monday, September 5. 2011

Advisory:	Multiple vulnerabilities in Zimplit CMS
Advisory ID:	SSCHADV2011-012
Author:	Stefan Schurtz
Affected Software:	v3.0
Vendor URL:	http://www.zimplit.com/
Vendor Status:	informed
CVE-ID:	-

======================
Vulnerability Description:
======================

The Zimplit CMS is prone to multiple vulnerabilities.

Continue reading "SSCHADV2011-012 - Multiple vulnerabilities in Zimplit CMS"

Sidebar

Calendar

Werbung

Exploit-DB updates by Offensive Security

[webapps] Eve-ng 5.0.1-13 - Stored Cross-Site Scripting (XSS)

Thursday, March 30. 2023

[webapps] WPForms 1.7.8 - Cross-Site Scripting (XSS)

Thursday, March 30. 2023

[local] Zillya Total Security 3.0.2367.0 - Local Privilege Escalation

Thursday, March 30. 2023

[webapps] Shoplazza 1.1 - Stored Cross-Site Scripting (XSS)

Thursday, March 30. 2023

[webapps] LISTSERV 17 - Insecure Direct Object Reference (IDOR)

Thursday, March 30. 2023

OpenBSD Journal

Theo de Raadt at CanSecWest: Synthetic Memory Protections

Saturday, March 25. 2023

OpenBGPD 7.9 released

Thursday, March 23. 2023

(Even more) Aggressive randomisation of stack location

Sunday, March 19. 2023

rpki-client 8.3 released

Sunday, March 19. 2023

-current has moved to 7.3, ports commits restricted pending release

Saturday, March 18. 2023

OpenBGPD 7.8 released

Saturday, March 18. 2023

LibreSSL 3.7.1 Released

Thursday, March 16. 2023

OpenSSH 9.3/9.3p1 released

Thursday, March 16. 2023

Theo de Raadt to be presenting at CanSecWest.

Monday, March 13. 2023

Archives

Blog Administration

Open login screen

Imprint | Contact | Privacy Statement