CVE-2018-16373

Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/filemanager/save...

Frog CMS File Upload Vulnerability (CNVD-2019-10141)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A file upload vulnerability exists in Frog CMS 0.9.5, which can be exploited by an attacker via /admin/?...

Responsive FileManager Information Disclosure Vulnerability

Responsive FileManager is an open source file manager written in PHP that supports uploading and managing videos, images and other files. An information disclosure vulnerability exists in the /filemanager/upload.php file in versions of Responsive FileManager prior to 9.13.3, which stems from the...

CVE-2018-15495

/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curlexec call, as demonstrated by a file:///etc/passwd value...

CVE-2018-14728

CVE-2018-14728 affects Responsive FileManager 9.13.1 where the upload.php endpoint allows a server‑side request forgery (SSRF) via the parameter. The issue is documented in multiple sources (NVD entry for CVE‑2018‑14728 and the Nuclei template) and is classified as high/critical impact (NS: netw...

Huawei SafeBox Manager Security Bypass Vulnerability

Huawei SafeBox Manager is a security product from huawei. The Huawei SafeBox Manager security bypass vulnerability allows attackers to exploit a vulnerability to bypass the Secure File Manager privileges to access sensitive device information or files...

Huawei SafeBox Manager 6.30.057.L - Bypass Vulnerability

Document Title: =============== Huawei SafeBox Manager 6.30.057.L - Bypass Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1789 Release Date: ============= 2018-07-17 Vulnerability Laboratory ID VL-ID: ====================================...

Server side request forgery (ssrf)

A Server Side Request Forgery SSRF vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page...

CVE-2018-13790

A Server Side Request Forgery SSRF vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page...

CVE-2018-13790

CVE-2018-13790 affects concrete5 8.2.0 via SSRF in tools/files/importers/remote.php, allowing an attacker to cause requests to internal hosts (local-network discovery/mapping) through the File Manager URL handling. NVD CVSS metrics show CVSS‑3.1 base score 7.2 (HIGH) with network attack vector, l...

CMS Made Simple File Manager Remote Code Execution (CVE-2018-1000094)

A remote command execution vulnerability exists in the File Manager interface of CMS Made Simple 2.2.5. By uploading a malicious file, an authenticated attacker with administrator privileges can exploit this vulnerability for execution of arbitrary code...

VMware AirWatch Agent Remote Code Execution Vulnerability

VMWare Airwatch Agent for Android is an Android-based device management solution from VMware that supports monitoring and managing an entire smartphone fleet. The solution supports monitoring and managing the entire smartphone fleet.VMWare Airwatch Agent for Windows Mobile is a version based on t...

Remote code execution

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and othe...

CVE-2018-6968

The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and othe...

VMware AirWatch Agent updates resolve remote code execution vulnerability.

The VMware AirWatch Agent for Android and Windows Mobile devices contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such ...

VMware AirWatch Agent updates resolve remote code execution vulnerability.

The VMware AirWatch Agent for Android and Windows Mobile devices contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such ...

File System Crawler: diskover

diskover is an open source file system crawler and disk space usage software that uses Elasticsearch to index and manage data across heterogeneous storage systems. Using diskover, you are able to more effectively search and organize files and system administrators are able to manage storage...

CVE-2017-1000002

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/atutorfilemanagertraversal.rb...

CVE-2018-11098

An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/filemanager/upload URI, a similar issue to CVE-2014-4912...

CVE-2018-10806

An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the filecurrentname parameter to the admin/?/plugin/filemanager/rename URI. This can be used in conjunction with CSRF...