3605 matches found
CVE-2005-3102
The administrative interface in Movable Type allows attackers to upload files with arbitrary extensions under the web root...
CVE-2005-3041
Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads."...
CVE-2005-3041
Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads."...
CVE-2005-3041
CVE-2005-3041 concerns Opera for Windows versions before 8.50. The issue is a drag‑and‑drop vulnerability described as an unspecified flaw that enables unintentional file uploads. The NVD entry lists a base score of 5.0 (Medium) with network attack vector, low complexity, and partial integrity im...
Mail-it Now! Upload2Server Predictable Filename Upload Arbitrary Code Execution
The remote host is running Mail-it Now! Upload2Server, a free, PHP feedback form script supporting file uploads. The version of Upload2Server installed on the remote host stores uploaded files insecurely. An attacker may be able to exploit this flaw to upload a file with arbitrary code and then...
pwpphp122.txt
PwsPHP v1.2.2 Final - Multiples vulnerabilities ----------------------------------------------- VULNERABLE PRODUCT ------------------ Forum: Pwsphp Version: 1.2.2 Final Vulnerabilities: Multiples -------------------------- / / / / / / / / / / / \ / // / /// // / // / / / / // / / .///// / .//...
PT-2005-2838 · Yapig · Yapig
Name of the Vulnerable Software and Affected Versions: YaPiG versions 0.92b through 0.94u Description: The issue concerns the upload.php file in YaPiG, which does not properly restrict the file extension for uploaded image files. This allows remote attackers to upload arbitrary files and execute...
PwsPHP v1.2.2 Final - Multiples vulnerabilities
PwsPHP v1.2.2 Final - Multiples vulnerabilities ----------------------------------------------- VULNERABLE PRODUCT ------------------ Forum: Pwsphp Version: 1.2.2 Final Vulnerabilities: Multiples -------------------------- / / / / / / / / / / / / // / /// // / // / / / / // / / .///// / .// // ./...
paFileDB <= 3.1 Multiple Vulnerabilities (2)
The remote host is running a version of paFileDB that is prone to a wide variety of vulnerabilities, including arbitrary file uploads, local file inclusion, SQL injection, and cross-site scripting issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...
browserDisclose.txt
Multi browser sensitive information disclosure I. DESCRIPTION: Mr.upken disclosed this issue publicly on 19th Feb. 2005. Here is his advisory.language is Japanese http://xxx.upken.jp/report/ieup/ I have a few additional details to add to his original advisory. II. IMPACT: Disclosure of sensitive...
CVE-2004-2672
Unspecified vulnerability in ArGoSoft FTP server before 1.4.2.2 allows attackers to upload .lnk files via unknown vectors...
Mandrake Linux Security Advisory : php (MDKSA-2004:151)
A number of vulnerabilities in PHP versions prior to 4.3.10 were discovered by Stefan Esser. Some of these vulnerabilities were not deemed to be severe enough to warrant CVE names, however the packages provided, with the exception of the Corporate Server 2.1 packages, include fixes for all of the...
STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki
STG Security Advisory: SSA-20041215-15 Vulnerability of uploading files with multiple extensions in MoniWiki Revision 1.0 Date Published: 2004-12-15 KST Last Update: 2004-12-15 Disclosed by SSR Team [email protected] Summary ======== MoniWiki is a wiki web application used by many Korean...
CVE-2004-1612
Directory traversal vulnerability in SalesLogix 6.1 allows remote attackers to upload arbitrary files via a .. dot dot in a ProcessQueueFile request...
GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities
GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities source: https://www.securityfocus.com/bid/11149/info Reportedly getSolutions getIntranet is affected by multiple remote input validation vulnerabilities. These issues are caused by a failure of the application to...
GetSolutions GetIntranet 2.2 - Multiple Remote Input Validation Vulnerabilities
source: https://www.securityfocus.com/bid/11149/info Reportedly getSolutions getIntranet is affected by multiple remote input validation vulnerabilities. These issues are caused by a failure of the application to properly sanitize user-supplied input. These issues may be leveraged to carry out SQ...
PHP 3.0.x < 3.0.17 / 4.0.x < 4.0.3 Hidden Form Field File Upload
Binary data 1478.prm...
PHP Arbitrary File Upload
Binary data 2286.prm...
McAfee ePolicy Orchestrator unauthorized access
Invalid HTTP POST request allows to upload files on server...
TikiWiki Project 1.8 - 'tiki-view_faq.php?faqId' Cross-Site Scripting
source: https://www.securityfocus.com/bid/10100/info Multiple vulnerabilities have been identified in various modules of the application. These vulnerabilities may allow a remote attacker to carry out various attacks such as path disclosure, cross-site scripting, HTML injection, SQL injection,...