jQuery Uploadify 2.1.0 Shell Upload

Exploit Title: jQuery uploadify v2.1.0 Remote File Upload Date: 21/01/2010 Author: k4cp3r/Ablus Software Link: http://www.uploadify.com/files/jquery.uploadify-v2.1.0.zip Version: v2.1.0 uploadify.swf Actionscript: function setAllowedTypes:void allowedTypes = ; if param.fileDesc && param.fileExt v...

jQuery uploadify v2.1.0 Remote File Upload

No description provided by source. Exploit Title: jQuery uploadify v2.1.0 Remote File Upload Date: 21/01/2010 Author: k4cp3r/Ablus Version: v2.1.0 uploadify.swf Actionscript: function setAllowedTypes:void allowedTypes = ; if param.fileDesc && param.fileExt var fileDescs:Array =...

FreeBSD : wordpress -- multiple vulnerabilities (0640198a-d117-11de-b667-0030843d3802)

secunia reports : The security issue is caused due to the wpcheckfiletype function in /wp-includes/functions.php improperly validating uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script with multiple extensions. Successful exploitation of this...

wordpress -- multiple vulnerabilities

secunia reports: The security issue is caused due to the wpcheckfiletype function in /wp-includes/functions.php improperly validating uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script with multiple extensions. Successful exploitation of this...

For Kaspersky 2 0 1 0 the free kill study-vulnerability warning-the black bar safety net

Article author: chinafe For Kaspersky 2 0 1 0free to killresearch Kaspersky 2 0 1 0 for digital signing and System File Protection becomes very strict, the registry does not say that after so many years the upgrade is basically no use value, Kaspersky 2 0 1 0 the previous version can modify the...

Rongsoft Oday bulk to get SHELL-vulnerability warning-the black bar safety net

Author: cast Blog:http://hi. baidu. com/castblog/ Then GOOGLE search for keyword: inurl:xinwenxq. asp? biaohao= Access management address: gonggong/denglu/denglu. asp First, in the management of the landing page, with a simple'or'='or'can fool the past! In the verification file:...

SugarCRM 5.2.0e Remote Code Execution

SugarCRM 5.2.0e Remote Code Execution Name Remote Code Execution in SugarCRM Systems Affected Sugar CRM 5.2.0e and possibly earlier versions Severity High Impact CVSSv2 High 8/10, vector: AV:N/AC:L/Au:S/C:P/I:C/A:P Vendor http://www.sugarcrm.com Advisory...

Input validation

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly validate object data in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Validation Vulnerability."...

MKPortal 1.2.1 XSS / SQL Injection / File Upload

waraxe-2009-SA070 - Multiple Vulnerabilities in MKPortal = 1.2.1 ============================================================================== Author: Janek Vind "waraxe" Date: 15. January 2009 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-70.html Description of vulnerable software...

FreeBSD : drupal -- multiple vulnerabilities (070b5b22-6d74-11dd-aa18-0030843d3802)

The Drupal Project reports : A bug in the output filter employed by Drupal makes it possible for malicious users to insert script code into pages cross site scripting or XSS. A bug in the private filesystem trusts the MIME type sent by the browser, enabling malicious users with the ability to...

SYLK Files (CVE-2008-0112)

Symbolic Link SYLK is a Microsoft file format typically used for exchanging data between applications, particularly spreadsheets. SYLK files conventionally have a .slk suffix. The vulnerability is due to an error in Microsoft Excel that fails to sufficiently validate file data when importing a fi...

Debian Security Advisory DSA 1371-1 (phpwiki)

The remote host is missing an update to phpwiki announced via advisory DSA 1371-1. OpenVAS Vulnerability Test $Id: deb13711.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1371-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Fedora 7 : gimp-2.2.17-1.fc7 (2007-1099)

Fri Jul 13 2007 Nils Philippsen - 2:2.2.17-1 - version 2.2.17 Bugs fixed in GIMP 2.2.17 ========================= - fixed regression in PSD load plug-in bug 456042 - fixed crash when loading a corrupt PSD file bug 327444 - work around for Pango appending ' Not-Rotated' to font names - Wed Jul 11...

openSUSE 10 Security Update : ktorrent (ktorrent-3057)

Ktorrent insufficiently validated the target file name. A malicious Server could therefore overwrite arbitary files of the user CVE-2007-1384,CVE-2007-1799. Another bug could be exploited to crash Ktorrent CVE-2007-1385. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text an...

Moderate: gimp security update

1.2.3-20.9.el3 - validate bytesperline header field when loading PCX files 247570 1.2.3-20.8.el3 - reduce GIMPMAXIMAGESIZE to 2^18 to detect bogus image widths/heights 247570 1.2.3-20.7.el3 - replace gimperror by gimpmessage/gimpquit in a few plugins so they don't crash but gracefully exit when...

CVE-2007-3419

The editprofile3 function in cgi-bin/cgi-lib/user.pl in web-app.org WebAPP before 0.9.9.7 does not properly check the 1 themes.dat, 2 languages.dat, 3 profession.dat, 4 gen.dat, 5 marstat.dat, 6 states.dat, and 7 ages.dat files before saving profile settings of members, which has unknown impact a...

DMCMS Upload_File.PHP任意文件上传漏洞

DMCMS是一款基于PHP的WEB应用程序。 DMCMS不正确过滤用户提交的输入，远程攻击者可以利用漏洞上传任意文件并以WEB权限执行。 问题是'uploadfile.php'脚本对用户提交的WEB参数缺少过滤，可导致绕过上传文件验证机制上传恶意PHP文件，并以WEB权限执行。 DMCMS 0.6.3 Beta 漏洞提供者 ACKERS PAL...

CVE-2007-1741

Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...

CVE-2007-1741

Multiple race conditions in suexec in Apache HTTP Server httpd 2.2.3 between directory and file validation, and their usage, allow local users to gain privileges and execute arbitrary code by renaming directories or performing symlink attacks. NOTE: the researcher, who is reliable, claims that th...

Design/Logic Flaw

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials BOM files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil...