23 matches found
zubrag-upload.txt
//Title - Zubrag Uploader 1.0 Arbitrary Shell Upload Vulnerability //Vendor - zubrag.com/scripts/file-upload-form.php //Version - 1.0 //Status - vendor has been notified //Author - Dentrasi //Description It is possible to upload a php script to the remote site. The script attempts to hide the...
AspWebCalendar 2008 Remote File Upload Vulnerability
No description provided by source. Title:AspWebCalendar 2008 Remote File Upload Vulnerability Discovered by : AleminKrali Dork :calendar.asp?eventdetail http://site.com/path/calendaradmin.asp?action=uploadfile == upload your Asp shell http://site.com/path/calendar/eventimages/yourshell.asp == you...
ClassSystem 2.0/2.3 - 'class/ApplyDB.php' Unrestricted Arbitrary File Upload / Arbitrary Code Execution
source: https://www.securityfocus.com/bid/29372/info ClassSystem is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. These issues include multiple SQL-injection vulnerabilities and an arbitrary-file-upload vulnerability. Exploiting...