1015 matches found

CVE
added 2014/05/27 10:0 a.m., 41 views

CVE-2014-2720

IZArc 4.1.8 is vulnerable due to a mismatch between ZIP Central Directory data (file name) and the Local File Header used to launch the file. This allows user‑assisted remote attackers to perform file‑extension spoofing that can lead to unintended code execution, demonstrated when a .jpg in the C...

CVSS 6.8 | AI score 7.2 | EPSS 0.02005
Exploits: 1 | References: 1 | Affected Software: 1

exploitpack
added 2014/04/24 12:0 a.m., 10 views

WordPress Plugin Work-The-Flow 1.2.1 - Arbitrary File Upload

WordPress Plugin Work-The-Flow 1.2.1 - Arbitrary File Upload Author: nopesled Date: 24/04/14 Software: https://wordpress.org/plugins/work-the-flow-file-upload/ Company: http://wtf-fu.com/ Version: 1.2.1 Tested on: Windows 7 Vulnerability: Unrestricted File Upload Submit an image file via the wtf...

AI score 0.4
Exploits: 0

OpenVAS
added 2014/04/16 12:0 a.m., 26 views

Adobe Reader 'File Extension' Buffer Overflow Vulnerability - Windows

Adobe Reader is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

CVSS 7.5 | AI score 7.1 | EPSS 0.23152
Exploits: 0 | References: 4

FreeBSD
added 2014/04/15 12:0 a.m., 18 views

pivotx -- Multiple unrestricted file upload vulnerabilities

Pivotx reports: Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php extension, and then accessing it via unspecified vectors...

CVSS 3.5 | AI score 6.9 | EPSS 0.008
Exploits: 2

myhack58
added 2014/04/03 12:0 a.m., 30 views

WinRar 4.2 file extension spoofing vulnerability EXP-vulnerability warning-the black bar safety net

First input required to run the name of the program, then enter the required display name, and then input the output file name can be import zipfile import binascii print " Code By Cond0r\n \n " newname=rawinput"Shellcode File:" realname=rawinput"Display Name:" zipname=rawinput"Out Name:" def...

AI score 0.2
Exploits: 0

Check Point Advisories
added 2014/03/31 12:0 a.m., 1 views

Microsoft Windows Shell MSHTA Script Execution in OLE Files (MS05-016) - Ver2 (CVE-2005-0063)

The Windows operating system provides facilities that make it possible to invoke different applications to handle different types of files. This makes it possible for a user to double click on a known image type file, for instance, and by that action launch the proper application to display or ed...

CVSS 7.5 | AI score 6.6 | EPSS 0.69788
Exploits: 0

exploitpack
added 2014/02/05 12:0 a.m., 11 views

WordPress Theme Kiddo - Arbitrary File Upload

WordPress Theme Kiddo - Arbitrary File Upload source: https://www.securityfocus.com/bid/65460/info The Kiddo theme for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to sufficiently sanitize file extensions. An...

Exploits: 0

exploitpack
added 2013/12/01 12:0 a.m., 23 views

PHPThumb - PHPThumb.php Arbitrary File Upload

PHPThumb - PHPThumb.php Arbitrary File Upload source: https://www.securityfocus.com/bid/64041/info phpThumb is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because it fails to properly validate file extensions before uploading them. An attacker may leverag...

AI score 0.1
Exploits: 0

OSV
added 2013/11/04 12:0 a.m., 15 views

DSA-2791-1 tryton-client - missing input sanitization

Bulletin has no description...

CVSS 7.8 | AI score 6.1 | EPSS 0.00754
Exploits: 1

OpenVAS
added 2013/11/03 12:0 a.m., 10 views

Debian: Security Advisory (DSA-2791-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 7.2 | EPSS 0.00754
Exploits: 1 | References: 3

Check Point Advisories
added 2013/09/10 12:0 a.m., 1 views

WPD files

WordPerfect documents have the common file extensions ".WP" and ".WPD", which are used by Corel's proprietary word processing application, WordPerfect. Its popularity was based on the fact that it had been available for a wide variety of computers and operating systems, including Mac OS, Linux, and...

AI score 6.9
Exploits: 0

Check Point Advisories
added 2013/08/14 12:0 a.m., 0 views

Joomla Unauthorized File Upload Remote Code Execution

A remote code execution vulnerability has been reported in Joomla. The vulnerability is due to improper validation of an uploaded file's extension. A remote attacker may exploit this issue by uploading a specially crafted php file. Successful exploitation would allow an attacker to execute...

AI score 8.3
Exploits: 0

exploitpack
added 2013/06/19 12:0 a.m., 12 views

imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload

imacs CMS 0.3.0 - Unrestricted Arbitrary File Upload [ASCII-art banner: CWH Underground Hacking Team] Exploit...

AI score 0.4
Exploits: 0

0day.today
added 2013/06/18 12:0 a.m., 17 views

imacs CMS Unrestricted File Upload Exploit

Exploit for php platform in category web applications [ASCII-art banner: CWH Underground Hacking Team] Exploit...

AI score 7.1
Exploits: 0

exploitpack
added 2013/06/17 12:0 a.m., 22 views

Havalite CMS 1.1.7 - Unrestricted Arbitrary File Upload

Havalite CMS 1.1.7 - Unrestricted Arbitrary File Upload [ASCII-art banner: CWH Underground Hacking Team] Exploit...

AI score 0.5
Exploits: 0

seebug.org
added 2012/11/26 12:0 a.m., 15 views

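anwsion latest version arbitrary upload vulnerability (affects all...)

Brief description: How should I put it: the program is popular and fetches a high price on the black market! But I have to contribute something to wooyun!!!! White-hat spirit!!!! Hoping the vendor sends a gift, ^^ Detailed description: The attachment upload does not properly handle the file extension: it checks the file header but does not check the extension........ Proof of vulnerability: http://wenda.anwsion.com/uploads/questions/20121126/e826a3e05a4beb6c24373ba014fe39f8.php pass Merging a one-line webshell into an image succeeded!!!!! http://wenda.anwsion.com/robots.txt...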

AI score 7.1
Exploits: 0

Prion
added 2012/08/31 9:55 p.m., 7 views

Input validation

Multiple incomplete blacklist vulnerabilities in the Simple File Upload (modsimplefileuploadv1.3) module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a (1) php5, (2) php6, or (3) double (e.g. .php.jpg) extension, then accessing it via a direct request t...

CVSS 6.8 | AI score 8.4 | EPSS 0.21186
Exploits: 0 | References: 8 | Affected Software: 1

0day.today
added 2012/08/01 12:0 a.m., 10 views

Duvys Media web design and development file upload

Exploit for php platform in category web applications Exploit Title: duvys media web design and development file upload Date: 01.08.2012 Author: DzErRoR Category:: webapps.. Google dork: intext:Website by Duvys Media: Tested on: win7 Demo sites: http://omnirehab.com/...

AI score 7.1
Exploits: 0

0day.today
added 2012/06/11 12:0 a.m., 39 views

MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling

Exploit for windows platform in category local exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

AI score 6.8 | EPSS 0.86005
Exploits: 14

Metasploit
added 2012/06/10 6:8 a.m., 38 views

MS12-005 Microsoft Office ClickOnce Unsafe Object Package Handling Vulnerability

This module exploits a vulnerability found in Microsoft Office's ClickOnce feature. When handling a Macro document, the application fails to recognize certain file extensions as dangerous executables, which can be used to bypass the warning message. This can allow attackers to trick victims into...

CVSS 9.3 | AI score 6.5 | EPSS 0.86005
Exploits: 14