FileBug 1.5.1 Directory Traversal

Document Title: =============== FileBug v1.5.1 iOS - Path Traversal Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1342 Release Date: ============= 2014-10-15 Vulnerability Laboratory ID VL-ID: ==================================== 1342...

File Manager v4.2.10 iOS - Code Execution Vulnerability

Document Title: =============== File Manager v4.2.10 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1343 Release Date: ============= 2014-10-21 Vulnerability Laboratory ID VL-ID: ==================================== 13...

Croogo 2.0.0 - Arbitrary PHP Code Execution

Croogo 2.0.0 - Arbitrary PHP Code Execution !/usr/bin/env python Croogo 2.0.0 Arbitrary PHP Code Execution Exploit Vendor: Fahad Ibnay Heylaal Product web page: http://www.croogo.org Affected version: 2.0.0 Summary: Croogo is a free, open source, content management system for PHP, released under...

Croogo 2.0.0 Arbitrary PHP Code Execution

!/usr/bin/env python Croogo 2.0.0 Arbitrary PHP Code Execution Exploit Vendor: Fahad Ibnay Heylaal Product web page: http://www.croogo.org Affected version: 2.0.0 Summary: Croogo is a free, open source, content management system for PHP, released under The MIT License. It is powered by CakePHP MV...

Croogo 2.0.0 Arbitrary PHP Code Execution / Cross Site Scripting Vulnerabilities

Croogo version 2.0.0 remote arbitrary PHP code execution and multiple stored cross site scripting vulnerabilities. !/usr/bin/env python Croogo 2.0.0 Arbitrary PHP Code Execution Exploit Vendor: Fahad Ibnay Heylaal Product web page: http://www.croogo.org Affected version: 2.0.0 Summary: Croogo is ...

USB Disk Free v1.0 iOS - File Include Vulnerability

Document Title: =============== USB Disk Free v1.0 iOS - File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id= Release Date: ============= 2014-10-10 Vulnerability Laboratory ID VL-ID: ==================================== 1340 Commo...

Concrete CMS: Stored XSS in concrete5 5.7.0.4.

Hello. I found stored XSS in concrete5 5.7.0.4. If the user have file upload permission the user can upload the file named like ".txt and the file name is displayed without being escaped. and when other user access the file manager page, Execute Javascript code on page load. Regards...

USB&WiFi Flash Drive 1.3 iOS - Code Execution

Document Title: =============== USB&WiFi Flash Drive 1.3 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1316 Release Date: ============= 2014-09-15 Vulnerability Laboratory ID VL-ID: ===================================...

Briefcase 4.0 iOS - Code Exec & File Include Vulnerability

Document Title: =============== Briefcase 4.0 iOS - Code Exec & File Include Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1319 Release Date: ============= 2014-09-11 Vulnerability Laboratory ID VL-ID: ====================================...

CVE-2014-5659

The ASTRO File Manager with Cloud aka com.metago.astro application ASTRO-4.4.592 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

Design/Logic Flaw

The ASTRO File Manager with Cloud aka com.metago.astro application ASTRO-4.4.592 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5659

The ASTRO File Manager with Cloud aka com.metago.astro application ASTRO-4.4.592 for Android does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate...

CVE-2014-5659

CVE-2014-5659 affects the Android app “ASTRO File Manager with Cloud” (package com.metago.astro), specifically version ASTRO-4.4.592. The root cause is that the app does not verify X.509 certificates from SSL servers, allowing a man-in-the-middle to spoof servers and access sensitive information ...

N-Media File Uploader < 2.0 Arbitrary File Upload

The Frontend File Manager Plugin WordPress plugin was affected by security vulnerability...

Front File Manager 0.1 - Arbitrary File Upload

The front-file-manager WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

Frog CMS 0.9.5 - Arbitrary File Upload

Frog CMS 0.9.5 - Arbitrary File Upload Exploit Title: Arbitrary File Upload in Frog CMS 0.9.5 Date : 2014-07-07 Exploit Author : Javid Hussain Vendor Homepage : http://www.madebyfrog.com Exploit-DB Note: All authenticated users can upload files. If the file does not have execute permissions the C...

Feindura File Manager 1.0(rc) - Remote File Upload

No description provided by source. =================================================== Feindura File Manager 1.0rc - Remote File Upload =================================================== My + Author : KnocKout Contact : [email protected] Software info Web App. : Feindura - Flat File Content...

Cart Engine 3.0.0 Remote Code Execution

No description provided by source. ? Cart Engine 3.0.0 Remote Code Execution Vendor: C97net Product web page: http://www.c97.net Affected version: 3.0.0 Summary: Open your own online shop today with Cart Engine! The small, yet powerful and don't forget, FREE shopping cart based on PHP & MySQL...

Remote File Manager 1.0 - Denial of Service Exploit

No description provided by source. / Server Remote File Manager DoS Exploit ------------------------------------------- INFGP - Hacking&security Research + Attacking localhost.. + Build DOS string + Buffer size = 300 byte + Sending bad format.. + localhost : Disconected! Greats: Infam0us...

ARYADAD Multiple Vulnerabilities

No description provided by source. Title : ARYADAD Multi Vulnerability Author : Red Security TEAM Date : 21/01/2012 Vendor : http://cms.aryadad.com/ Tested On : Windows Server 2008 IIS 7.5 Dork : Powered by ARYADAD Corporation Contact : Info 4t RedSecurity d0t COM Home : http://RedSecurity.COM...