TinyMCE Ajax File Manager Remote Code Execution

/ | / \ / / \ / /\ \ / / \ | \ / \ \ | | | | /\ /\ / /|| /\ | | || \ \ / / / / / Exploit Title : timynce Ajax File Manager Remote Code Author : By onestree Software Link : http://www.phpletter.com/Demo/Tinymce-Ajax-File-Manager/ tested : windows 7 Dork : inurl:"/plugins/filemanager/" or...

SA-CONTRIB-2013-044 - elFinder file manager - Cross Site Request Forgery (CSRF)

The elfinder module provides an AJAX-based file manager based on the elFinder javascript library. The module doesn't sufficiently verify requests thereby exposing a Cross Site Request Forgery CSRF vulnerability. This would enable an attacker to create, modify, or delete files on the server. There...

Remote File Manager 1.2 iOS - Multiple Vulnerabilities

Remote File Manager 1.2 iOS - Multiple Vulnerabilities Title: ====== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=882 VL-ID: ===== 882 Common Vulnerability Scoring System:...

Remote File Manager 1.2 iOS - Multiple Vulnerabilities

Title: ====== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=882 VL-ID: ===== 882 Common Vulnerability Scoring System: ==================================== 6.1 Introduction: ============...

Remote File Manager 1.2 XSS / Local File Inclusion

Title: ====== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities Date: ===== 2013-02-23 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=882 VL-ID: ===== 882 Common Vulnerability Scoring System: ==================================== 6.1 Introduction: ============...

File Manager - HTML Injection Local File Inclusion

File Manager - HTML Injection Local File Inclusion source: https://www.securityfocus.com/bid/58313/info File Manager is prone to an HTML-injection vulnerability and a local file-include vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of t...

Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities

Document Title: =============== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=882 Release Date: ============= 2013-02-23 Vulnerability Laboratory ID VL-ID: ====================================...

File Manager - HTML Injection / Local File Inclusion

source: https://www.securityfocus.com/bid/58313/info File Manager is prone to an HTML-injection vulnerability and a local file-include vulnerability. Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, steal cookie-based...

Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities

Document Title: =============== Remote File Manager v1.2 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=882 Release Date: ============= 2013-02-23 Vulnerability Laboratory ID VL-ID: ====================================...

Ajax File Manager Remote Code Execution Exploit

Ajax File Manager is vulnable to execute abitrary php code injection, and not solution from the vendor. This is private exploit. You can buy it at https://0day.today...

CentOS Update for gnome-vfs2 CESA-2013:0131 centos5

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

gnome security update

CentOS Errata and Security Advisory CESA-2013:0131 Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring Syst...

Low: Red Hat Security Advisory: gnome-vfs2 security and bug fix update

Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

RHEL 5 : gnome-vfs2 (RHSA-2013:0131)

Updated gnome-vfs2 packages that fix one security issue and several bugs are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

SuSE Update for update openSUSE-SU-2012:0466-1 (update)

Check for the Version of update OpenVAS Vulnerability Test $Id: gbsuse201204661.nasl 8257 2017-12-29 06:29:46Z teissa $ SuSE Update for update openSUSE-SU-2012:0466-1 update Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program ...

tinymcpuk xss vulnerability

================================================================= tinymcpuk xss vulnerability ================================================================= Exploit Title: tinymcpuk xss vulnerability Google Dork: n/a Date: 1/12/2012 GMT+7 Exploit Author: eidelweiss @randyarios Vendor Homepage:...

[SECURITY] Fedora 17 Update: mc-4.8.6-2.fc17

Midnight Commander is a visual shell much like a file manager, only with many more features. It is a text mode application, but it also includes mouse support. Midnight Commander's best features are its ability to FTP, view tar and zip files, and to poke into RPMs for specific files...

FCKEditor 2.6.8 file upload and CKFinder/FCKEditor DoS vulnerability-vulnerability warning-the black bar safety net

Thanks to the endless in freebuf community”share the mission”to give a clue, only with this article Original post: http://club.freebuf.com/?/question/129reply12 FCKEditor 2.6.8 file upload vulnerability Exploit-db on the original as follows: - Title: FCKEditor 2.6.8 ASP Version File Upload...

Tinymcpuk 0.3 Cross Site Scripting Vulnerability

Tinymcpuk version 0.3 suffers from a cross site scripting vulnerability. Exploit Title: tinymcpuk xss vulnerability Google Dork: n/a Date: 1/12/2012 GMT+7 Exploit Author: eidelweiss @randyarios Vendor Homepage: http://sourceforge.net/projects/p4a/files/tinymcpuk/ Software Link:...

Tinymcpuk 0.3 Cross Site Scripting

================================================================= tinymcpuk xss vulnerability ================================================================= Exploit Title: tinymcpuk xss vulnerability Google Dork: n/a Date: 1/12/2012 GMT+7 Exploit Author: eidelweiss @randyarios Vendor Homepage:...