Lucene search
K

696 matches found

Packet Storm
Packet Storm
added 2018/12/20 12:0 a.m.56 views

WordPress ChenPress 3.1.1 Shell Upload

Exploit Title : WordPress ChenPress Plugins 3.1.1 Remote Shell Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 20/12/2018 Vendor Homepage : wordpress.org groups-beta.google.com/group/ChenPress Software Download Link :...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/10/16 12:0 a.m.22 views

Debian DSA-4318-1 : moin - security update

Nitin Venkatesh discovered a cross-site scripting vulnerability in moin, a Python clone of WikiWiki. A remote attacker can conduct cross-site scripting attacks via the GUI editor's link dialogue. This only affects installations which have set up fckeditor not enabled by default. C Tenable Network...

6.1CVSS5.9AI score0.01924EPSS
Exploits0References5
Prion
Prion
added 2018/09/28 5:29 a.m.14 views

Design/Logic Flaw

The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and...

7.5CVSS9.7AI score0.03364EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2018/09/28 5:29 a.m.4 views

CVE-2018-17573

The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and...

9.8CVSS5.9AI score0.03364EPSS
Exploits1References2
NVD
NVD
added 2018/09/28 5:29 a.m.18 views

CVE-2018-17573

The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and...

9.8CVSS9.8AI score0.03364EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/09/28 5:0 a.m.25 views

CVE-2018-17573

The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and...

9.8AI score0.03364EPSS
Exploits1References2
CNVD
CNVD
added 2018/09/28 12:0 a.m.2 views

Wordpress plugin Wp Insert 'Fckeditor' arbitrary file upload vulnerability

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. Wordpress plugin Wp Insert 'Fckeditor' has an arbitrary file upload vulnerability that can be exploited by attackers to upload arbitrary files...

7AI score
Exploits0References1
Packet Storm
Packet Storm
added 2018/09/27 12:0 a.m.54 views

WordPress WP Insert 2.4.2 Arbitrary File Upload

Exploit Title: Wordpress Plugin Wp Insert - 'Fckeditor' Arbitrary File Upload Exploit Author: Mostafa Gharzi Website: https://www.certcc.ir Date: 2018-09-27 Google Dork: /wp-content/plugins/wp-insert Vendor: Namith Jawahar Software Link: https://wordpress.org/plugins/wp-insert/ Affected Version:...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/09/27 12:0 a.m.32 views

WordPress WP Insert 2.4.2 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Plugin Wp Insert - 'Fckeditor' Arbitrary File Upload Exploit Author: Mostafa Gharzi Website: https://www.certcc.ir Google Dork: /wp-content/plugins/wp-insert Vendor: Namith Jawahar Software Link:...

0.1AI score
Exploits0
NVD
NVD
added 2018/05/07 1:29 p.m.20 views

CVE-2018-10795

Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or...

8.8CVSS8.6AI score0.01789EPSS
Exploits1References1
Prion
Prion
added 2018/05/07 1:29 p.m.18 views

Design/Logic Flaw

DISPUTED Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or...

6.5CVSS8.5AI score0.01789EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/05/07 1:29 p.m.7 views

CVE-2018-10795

Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or...

8.8CVSS8.6AI score
Exploits0References1
CVE
CVE
added 2018/05/07 1:0 p.m.100 views

CVE-2018-10795

CVE-2018-10795 affects Liferay 6.2.x and earlier. A misconfiguration in FCKeditor could allow an attacker to upload or transfer dangerous file types via the URIs browser.html?Type= or editor/filemanager/browser/liferay/browser.html, potentially enabling processing within the product’s environment...

8.8CVSS8.5AI score0.01789EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2018/05/07 1:0 p.m.18 views

CVE-2018-10795

Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or...

8.6AI score0.01789EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/05/07 12:0 a.m.3 views

PT-2018-10108 · Cksource +1 · Ckeditor +1

Name of the Vulnerable Software and Affected Versions: Liferay versions 6.2.x and earlier Description: The issue concerns an FCKeditor configuration that may allow an attacker to upload or transfer files of potentially dangerous types. These files can be automatically processed within the product...

8.8CVSS8.8AI score0.01789EPSS
Exploits1References4
CNVD
CNVD
added 2016/12/13 12:0 a.m.3 views

Fckeditor Arbitrary File Upload Vulnerability and Directory Traversal Vulnerability in Office System of Ningbo Jieda Software Co.

Jeedaa ERP software is designed for domestic small and medium-sized manufacturing enterprises that produce or process on their own, and at the same time incidentally carry out sales. Jeedaa Office Management System Jeedaa OA is a collaborative office management platform. Jeeda eHR is used to...

7.4AI score
Exploits0
seebug.org
seebug.org
added 2016/11/05 12:0 a.m.21 views

FCKEditor Core - (Editor 'spellchecker.php') Cross-Site Scripting

No description provided by source...

7.1AI score
Exploits0
CNVD
CNVD
added 2016/10/12 12:0 a.m.5 views

File Upload Vulnerability in Fckeditor, a Teaching Management System of Zhengfang Software Co.

The Zhengfang Academic Affairs System is a multi-module integrated information management system for all departments of the college as well as users at all levels, including academic affairs public information maintenance, student management, faculty management, etc. The system is designed to be...

6.8AI score
Exploits0
CNVD
CNVD
added 2016/10/11 12:0 a.m.4 views

Jinan Guozi Digital Technology Asset Management System fckeditor exists arbitrary file upload vulnerability

Asset management system of Jinan Guozi Digital Technology Co., Ltd. is a set of sharing and management platform for precision instruments or large instruments. Jinan Guozidian Digital Technology Asset Management System fckeditor has an arbitrary file upload vulnerability, which can be exploited b...

7.2AI score
Exploits0
myhack58
myhack58
added 2016/08/24 12:0 a.m.23 views

A simple description of the Fckeditor upload parsing vulnerability-vulnerability warning-the black bar safety net

Directly through the known path to the file that broke the fck Editor Version information: FCKeditor/whatsnew.html ! 2 0 1 6 0 8 2 3 1 9 2 4 0 8 Through a common upload address, to test the upload point whether the presence of: FCKeditor/editor/filemanager/browser/default/connectors/asp/connector...

6.9AI score
Exploits0
Rows per page
Query Builder