7 matches found
CVE-2019-18952
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...
Xfilesharing 2.5.1 - Arbitrary File Upload
Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Local File Inclusion...
Xfilesharing 2.5.1 Local File Inclusion / Shell Upload
Exploit Title: Xfilesharing 2.5.1 - Arbitrary File Upload Google Dork: inurl:/?op=registration Date: 2019-11-4 Exploit Author: Noman Riffat Vendor Homepage: https://sibsoft.net/xfilesharing.html Version: Shell : http://xyz.com/cgi-bin/temp/joe/shell.php Local File Inclusion...
CVE-2019-18952
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...
CVE-2019-18952
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...
CVE-2019-18952
SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary file upload. This can be combined with CVE-2019-18951 to achieve remote code execution via a .html file, containing short codes, that is served over HTTP...
CVE-2019-18952
CVE-2019-18952 affects SibSoft Xfilesharing up to version 2.5.1, enabling an arbitrary file upload through cgi-bin/up.cgi. The accompanying data shows this can be chained with CVE-2019-18951 (directory traversal via op=page&tmpl=…) to achieve remote code execution, using a crafted HTML file serve...