3141 matches found
yTree 1.94-1.1 - Local Buffer Overflow (PoC)
Exploit Author: Juan Sacco - http://www.exploitpack.com [email protected] Program affected: yTree - File manager for terminals v1.94-1.1 Description: yTree is prone to a stack-based overflow, an attacker could exploit this issue to execute arbitrary code in the context of the application...
File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities
Document Title: =============== File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1704 Release Date: ============= 2016-02-03 Vulnerability Laboratory ID VL-ID: ====================================...
PHP File Manager 0.9.8 Authentication Bypass / Code Execution
PHP File Manager 0.9.8 http://phpfm.sourceforge.net/ is vulnerable to authentication bypass due to insecure implementation of register globals emulation. An attacker is able to override the blockKeys array and thus build a valid session and access all the protected functionality including executi...
KODExplorer Web File Manager Cross Site Scripting
================================================================================ KODExplorer web file manager - Cross Site Scripting ================================================================================ Vendor Homepage: https://github.com/kalcaddle/KODExplorer/ - http://kalcaddle.com/...
Gnome Nautilus Denial of Service Vulnerability
Nautilus is a file file manager for the Linux desktop operating system Gnome environment. A denial of service vulnerability exists in Gnome Nautilus. The vulnerability allows attackers to launch a denial of service attack and cause a system crash...
[SECURITY] Fedora 22 Update: tubo-5.0.15-3.fc22
The Libtubo library is small and simple function set to enable a process to run any other process in the background and communicate via the std-out, std-err and std-in file descriptors. This library is used by Rodent file-manager but is also available here for other programs to use freely...
[SECURITY] Fedora 21 Update: tubo-5.0.15-3.fc21
The Libtubo library is small and simple function set to enable a process to run any other process in the background and communicate via the std-out, std-err and std-in file descriptors. This library is used by Rodent file-manager but is also available here for other programs to use freely...
[SECURITY] Fedora 23 Update: tubo-5.0.15-3.fc23
The Libtubo library is small and simple function set to enable a process to run any other process in the background and communicate via the std-out, std-err and std-in file descriptors. This library is used by Rodent file-manager but is also available here for other programs to use freely...
b374k 3.2.3 2.8 CSRF / Command Injection Vulnerabilities
b374k web shell versions 2.8 and 3.2.3 suffer from a cross site request forgery vulnerability that allows for remote command injection. Vendor: ============================================ github.com/b374k/b374k code.google.com/p/b374k-shell/downloads/list code.google.com/archive/p/b374k-shell/...
WordPress media-file-manager-advanced Plugin Multiple Vulnerabilites
No description provided by source. Post Delete http://domain.tld/wp-admin/admin-ajax.php?action=mfmarelocatordelete post: id=17 MKDIR http://domain.tld/wp-admin/admin-ajax.php?action=mfmarelocatormkdir newdir=EVEXFOLDER folder exists: http://domain.tld/wp-contents/uploads/EVEXFOLDER RMDIR Dir Mus...
Revived Wire Media PHP File Manager Username Backdoor
An attacker might use a backdoor which exists in PHP File Manager's user database. A successful exploitation might allow the attacker to create an administrator user on vulnerable installations or to run arbitrary code...
Wolf CMS - Arbitrary File Upload / Execution
Exploit Title : Wolf CMS 0.8.2 Arbitrary File Upload To Command Execution Reported Date : 05-May-2015 Fixed Date : 10-August-2015 Exploit Author : Narendra Bhati CVE ID : CVE-2015-6567 , CVE-2015-6568 Contact: Facebook : https://facebook.com/narendradewsoft Twitter :...
PHP File Manager Detection (HTTP)
HTTP based detection of PHP File Manager. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.106033"...
PHP File Manager Backdoor Vulnerability
PHP File Manager consists of a default backdoor user. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
PHP File Manager Riddled With Vulnerabilities, Including Backdoor
Multiple critical vulnerabilities have existed, some for nearly five years, in PHP File Manager, a web-based file manager used by several high profile corporations. According to Sijmen Ruwhof, a security consultant and penetration tester based in the Netherlands, some of the issues have been...
Android Droidware UK Explorer+ File Manager Application Directory Traversal Vulnerability
Droidware UK Explorer+ File Manager application for Android is a file manager based on the Android platform. A directory traversal vulnerability exists in the Android Droidware UK Explorer+ File Manager application prior to version 2.3.3. A remote attacker can exploit this vulnerability to write...
CVE-2015-2966
Directory traversal vulnerability in the Droidware UK Explorer+ File Manager application before 2.3.3 for Android allows remote attackers to write to arbitrary files via unspecified vectors...
Directory traversal
Directory traversal vulnerability in the Droidware UK Explorer+ File Manager application before 2.3.3 for Android allows remote attackers to write to arbitrary files via unspecified vectors...
CVE-2015-2966
Directory traversal vulnerability in the Droidware UK Explorer+ File Manager application before 2.3.3 for Android allows remote attackers to write to arbitrary files via unspecified vectors...
CVE-2015-2966
CVE-2015-2966 affects Droidware UK Explorer+ File Manager for Android, prior to version 2.3.3. A directory traversal issue in how file names are processed allows a remote, unauthenticated attacker to write arbitrary files in directories the app can access. Impact is remote code or data tampering ...