3143 matches found
CVE-2018-19040
CVE-2018-19040 affects the WordPress Media File Manager plugin (version 1.4.2 and earlier). The vulnerability is a directory traversal via the dir parameter in the mrelocator_getdir action called through wp-admin/admin-ajax.php, enabling directory listing (and per later sources, may lead to broad...
CVE-2018-19041
The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocatorgetdir action to the wp-admin/admin-ajax.php URI...
CVE-2018-19042
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dirfrom and dirto parameters of an mrelocatormove action to the wp-admin/admin-ajax.php URI...
CVE-2018-19043
CVE-2018-19043 affects the WordPress Media File Manager plugin up to version 1.4.2. The vulnerability arises from a directory traversal in the dir parameter of the mrelocator_rename action, allowing arbitrary file renaming via requests to wp-admin/admin-ajax.php. The root cause is insufficient va...
CVE-2019-7236
An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admincp.php allows admincp.php?app=editor&do=fileManager dir=../ Directory Traversal...
Advanced File Manager 3.4.1 - Denial of Service Exploit
Exploit Title: Advanced File Manager v3.4.1 - Denial of Service PoC Discovery by: Rafael Pedrero Vendor Homepage: http://www.advexsoft.com Software Link : http://www.advexsoft.com Tested Version: 3.4.1 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS Local Buffer Overflow Steps...
Advanced File Manager 3.4.1 - Denial of Service (PoC)
Advanced File Manager 3.4.1 - Denial of Service PoC Exploit Title: Advanced File Manager v3.4.1 - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://www.advexsoft.com Software Link : http://www.advexsoft.com Tested Version: 3.4.1 Tested on: Windo...
Advanced File Manager 3.4.1 Denial Of Service
Exploit Title: Advanced File Manager v3.4.1 - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://www.advexsoft.com Software Link : http://www.advexsoft.com Tested Version: 3.4.1 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS...
Advanced File Manager 3.4.1 - Denial of Service (PoC)
Exploit Title: Advanced File Manager v3.4.1 - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://www.advexsoft.com Software Link : http://www.advexsoft.com Tested Version: 3.4.1 Tested on: Windows XP SP3 Vulnerability Type: Denial of Service DoS...
CVE-2019-7173
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4...
CVE-2019-7173
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4...
CVE-2019-7173
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4...
Webmin 1.900 Remote Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Webmin 1.900 - Remote Command Execution', 'Description' = %q This module exploits an arbitrary command execution...
Webmin 1.900 - Remote Command Execution (Metasploit)
Webmin 1.900 - Remote Command Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Webmin 1.900 - Remote Command Execution', 'Description' = %q...
Webmin 1.900 - Remote Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Webmin 1.900 - Remote Command Execution', 'Description' = %q This module exploits an arbitrary command execution...
CVE-2019-6447
The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after the ES application has been launched once, and responds to...
CVE-2019-6447
The CVE-2019-6447 vulnerability affects ES File Explorer File Manager on Android (versions up to 4.1.9.7.4). The issue arises from an HTTP server listening on port 59777 that remains open after app launch; it can be reached over a local Wi‑Fi network and responds to unauthenticated application/js...
PT-2019-18094 · Es · Es File Explorer File Manager
Name of the Vulnerable Software and Affected Versions: ES File Explorer File Manager versions through 4.1.9.7.4 Description: The issue allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network. This TCP port remains open after t...
i-doit CMDB 1.12 - Arbitrary File Download
i-doit CMDB 1.12 - Arbitrary File Download Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip...
i-doit CMDB 1.12 Arbitrary File Download
Exploit Title: i-doit CMDB 1.12 - Arbitrary File Download Dork: N/A Date: 2019-01-11 Exploit Author: Ihsan Sencan Vendor Homepage: https://www.i-doit.org/ Software Link: https://netcologne.dl.sourceforge.net/project/i-doit/i-doit/1.12/idoit-open-1.12.zip Version: 1.12 Category: Webapps Tested on:...