libarchive security update
CentOS Errata and Security Advisory CESA-2016:1850. An update for libarchive is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed...
Advanced File Manager 3.0 XSS / Backup Disclosure
Title : Advanced File Manager v3.0 Create & Download Backup vulnerability | Author : indoushka | email : [email protected] | Tested on : windows 8.1 Français V.Pro | Version : v3.0 | Vendor :...
WordPress CYSTEME Finder 1.3 Plugin - Arbitrary File Disclosure/Arbitrary File Upload
Exploit for php platform in category web applications Exploit Title: WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload Link: https://wordpress.org/plugins/cysteme-finder/ Version: 1.3 Date: August 23rd 2016 Exploit Author: T0w3ntum Author Website: t0w3ntum.com...
WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload
WordPress Plugin CYSTEME Finder 1.3 - Arbitrary File Disclosure/Arbitrary File Upload Exploit Title: WordPress CYSTEME Finder Plugin 1.3 - Arbitrary File Disclosure/Arbitrary File Upload Link: https://wordpress.org/plugins/cysteme-finder/ Version: 1.3 Date: August 23rd 2016 Exploit Author: T0w3ntu...
Debian DLA-596-1 : extplorer security update
It was discovered that there was an archive traversal exploit in eXtplorer, a web-based file manager. The unzip/extract feature allowed for path traversal as decompressed files can be placed outside of the intended target directory if the archive content contained '../' characters. For Debian 7...
[SECURITY] [DLA 596-1] extplorer security update
Package : extplorer Version : 2.1.0b6+dfsg.3-4+deb7u4 CVE ID : CVE-2016-4313 It was discovered that there was an archive traversal exploit in eXtplorer, a web-based file manager. The unzip/extract feature allowed for path traversal as decompressed files can be placed outside of the intended targe...
Docebo LMS 6.9 - (Moxie) API Calls RST RCE Vulnerability
Document Title: Docebo LMS 6.9 - Moxie API Calls RST RCE Vulnerability References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1888 Video: http://www.vulnerability-lab.com/getcontent.php?id=1892 Release Date: 2016-08-01 Vulnerabilit...
DornCMS v1.4 - (FileManager) Persistent XSS Vulnerability
Document Title: DornCMS v1.4 - FileManager Persistent XSS Vulnerability References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1885 Release Date: 2016-07-26 Vulnerability Laboratory ID (VL-ID): 18...
DornCMS v1.4 - (FileManager) Persistent XSS Vulnerability
Document Title: DornCMS v1.4 - FileManager Persistent XSS Vulnerability References (Source): http://www.vulnerability-lab.com/getcontent.php?id=1885 Release Date: 2016-07-25 Vulnerability Laboratory ID (VL-ID): 18...
The vulnerability of the Adobe Bridge file manager, allowing a hacker to execute arbitrary code
The vulnerability of the Adobe Bridge file manager arises from a buffer overflow in dynamic memory. Exploiting this vulnerability allows a local attacker to execute arbitrary code...
The vulnerability of the Adobe Bridge file manager, which allows a hacker to execute arbitrary code or cause a service failure
The vulnerability of the Adobe Bridge file manager arises due to a buffer overflow in dynamic memory. Exploiting this vulnerability allows a local attacker to execute arbitrary code or cause a service failure (memory corruption)...
Wolf CMS 0.8.2 Arbitrary PHP File Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Wolfcms 0.8.2 Arbitrary PHP File Upload Vulnerability', 'Description' = %q This module exploits a file upload vulnerability in...
Roxy Fileman 1.4.4 - Arbitrary File Upload
Exploit for php platform in category web applications Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link:...
Roxy Fileman 1.4.4 - Arbitrary File Upload
Roxy Fileman 1.4.4 - Arbitrary File Upload Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link:...
Roxy File Manager 1.4.4 Shell Upload
Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.4-php Version: 1.4.4 Tested on:...
Roxy Fileman 1.4.4 - Arbitrary File Upload
Exploit Title: Roxy Fileman = 1.4.4 Forbidden File Upload Vulnerability Google Dork: intitle:"Roxy file manager" Date: 15-06-2016 Exploit Author: Tyrell Sassen Vendor Homepage: http://www.roxyfileman.com/ Software Link: http://www.roxyfileman.com/download.php?f=1.4.4-php Version: 1.4.4 Tested on:...
PT-2016-07: Unauthorized Access in Vesta Control Panel
Specialists at the Positive Research center have detected an Unauthorized Access vulnerability in Vesta Control Panel. The directory /web/filemanager/ contains scripts that perform file manager operations in the control panel. The script files.php lacks an active user session check, which allows...
eXtplorer 2.1.9 - '.ZIP' Directory Traversal
Exploit for php platform in category web applications / + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EXTPLORER-ARCHIVE-PATH-TRAVERSAL.txt + ISR: apparitionsec Vendor: extplorer.net Product:...
eXtplorer 2.1.9 - .ZIP Directory Traversal
eXtplorer 2.1.9 - .ZIP Directory Traversal / + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EXTPLORER-ARCHIVE-PATH-TRAVERSAL.txt + ISR: apparitionsec Vendor: extplorer.net Product: ...
eXtplorer 2.1.9 - '.ZIP' Directory Traversal
/ + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/EXTPLORER-ARCHIVE-PATH-TRAVERSAL.txt + ISR: apparitionsec Vendor: extplorer.net Product: eXtplorer v2.1.9 eXtplorer is a PHP and...