932 matches found
WordPress Hungred Post Thumbnail 2.1.9 Shell Upload
Description : Wordpress Plugins - Hungred Post Thumbnail Arbitrary File Upload Vulnerability Version : 2.1.9 Link : http://wordpress.org/extend/plugins/hungred-post-thumbnail/ Plugins : http://downloads.wordpress.org/plugin/hungred-post-thumbnail.zip Date : 31-05-2012 Google Dork :...
Wordpress Plugins - Hungred Post Thumbnail Arbitrary File Upload Vulnerability
Exploit for php platform in category web applications Description : Wordpress Plugins - Hungred Post Thumbnail Arbitrary File Upload Vulnerability Version : 2.1.9 Link : http://wordpress.org/extend/plugins/hungred-post-thumbnail/ Plugins :...
CVE-2012-0298
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors...
Design/Logic Flaw
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors...
CVE-2012-0299
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors...
CVE-2012-0298
CVE-2012-0298 affects Symantec Web Gateway before 5.0.3. The management GUI file-management scripts allow remote attackers to read or delete arbitrary files via directory traversal vectors (noted for the relfile parameter). Affected product/version: Symantec Web Gateway 5.0.x up to 5.0.2.x. Impac...
CVE-2012-0299
CVE-2012-0299 affects Symantec Web Gateway 5.0.x (pre-5.0.3) where file-management scripts in the management GUI allow remote upload of arbitrary code to a designated pathname, potentially enabling remote code execution. This is evidenced by multiple sources in the connected data, including NVD d...
CVE-2012-0298
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to (1) read or (2) delete arbitrary files via unspecified vectors...
Symantec Web Gateway upload_file Remote Code Execution Vulnerability
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported:...
MySQLDumper 1.24.4 - 'filemanagement.php?f' Traversal Arbitrary File Access
source: https://www.securityfocus.com/bid/53306/info MySQLDumper is prone to multiple security vulnerabilities, including: 1. Multiple cross-site scripting vulnerabilities. 2. A local file-include vulnerability. 3. Multiple cross-site request-forgery vulnerabilities. 4. Multiple...
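HDWiKi V 4.0.3 and HDWiKi V5.1: Uploading a Shell from the Admin Backend
Brief description: An injection vulnerability in 5.1 was disclosed a few days ago. While testing a site, I found that it was running HDWiKi V 4.0.3. The template-based methods of writing a webshell described online did not seem to work on this version, so I looked into it and found this method of uploading a webshell! Details: When installing a plugin online, HDWiKi V 4.0.3 does not check the files inside the archive, so the shell can be placed in the archive first and then installed online! As shown: Once installed, the shell sits in the corresponding plugin directory under plugins; as for exactly how to find it, you know! HDWiki V5.1 is simpler: there is a file manager under the modules, and you can upload directly! The password-reset link can be predicted: This one is somewhat difficult, mainly for 2 reasons: 1. you need to know the email address of the target account; 2. you need to capture...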
FileStream Turbo Browser v11.6 - Buffer Overflow
Document Title: FileStream Turbo Browser v11.6 - Buffer Overflow. References (Source): http://www.vulnerability-lab.com/getcontent.php?id=491 Release Date: 2012-04-10. Vulnerability Laboratory ID (VL-ID): 491. Common...
osFileManager 2.2 CSRF / XSS / Disclosure
Vulnerable Software: osFileManager2.2 Official site: http://www.osfilemanager.com/ md5sum .zip df708d52ab2a50aa20fa9c6d779bc979 osFileManager2.2.zip...
Debian DSA-2423-1 : movabletype-opensource - several vulnerabilities
Several vulnerabilities were discovered in Movable Type, a blogging system: Under certain circumstances, a user who has 'Create Entries' or 'Manage Blog' permissions may be able to read known files on the local file system. The file management system contains shell command injection...
CVE-2012-0319
The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue...
CVE-2012-0319
The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue...
CVE-2012-0319
The file-management system in Movable Type before 4.38, 5.0x before 5.07, and 5.1x before 5.13 allows remote authenticated users to execute arbitrary commands by leveraging the file-upload feature, related to an "OS Command Injection" issue...
CVE-2012-0319
The CVE-2012-0319 issue affects Movable Type file-management: MT versions before 4.38, 5.0x before 5.07, and 5.1x before 5.13 are vulnerable due to an OS Command Injection in the file-upload feature. A remote authenticated user with upload permissions can execute arbitrary commands. Documents con...
Movable Type vulnerable to OS command injection
Overview: Movable Type contains an OS command injection vulnerability. Movable Type contains an OS command injection vulnerability in its file management system. Impact: A user with a privilege to upload files may execute an arbitrary OS command. Solution: Update the software. Update to the latest...
JVN#92683325: Movable Type vulnerable to OS command injection
Movable Type contains an OS command injection vulnerability in its file management system. Impact: A user with a privilege to upload files may execute an arbitrary OS command. Solution: Update the software. Update to the latest version of each product according to the information provided by the...