19 matches found
CVE-2026-41934
Vvveb before version 1.0.8.2 contains an authenticated remote code execution vulnerability in the admin code editor that allows low-privilege authenticated users to execute arbitrary code through insufficient file extension restrictions, with the uploaded payload then executable via subsequent...
CVE-2009-4444
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ; (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2)...
EUVD-2009-3443
Malware in sbrugna...
CVE-2019-16318
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317...
CVE-2019-16318
Technical details for CVE-2019-16318 are not publicly available in the provided documents. Monitor Pimcore advisories and related sources for updates on affected versions, impact, and remediation.
CVE-2019-16318
In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic renaming of .php to .php.txt for long filenames, a different vulnerability than CVE-2019-10867 and CVE-2019-16317...
WordPress LearnDash 2.5.3 File Upload
Exploit Title: WordPress LearnDash 2.5.3 Unauthenticated Arbitrary File Upload; Date: 07-01-2018; Vendor Homepage: https://www.learndash.com/; Vendor Changelog: https://www.learndash.com/changelog/; Version: 2.5.3; Exploit Author: NinTechNet; Author Advisory: http://nin.link/learndash/; Category: Webapp...
SysAid Help Desk Administrator Portal Arbitrary File Upload-vulnerability warning-the black bar safety net
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'SysAid Help Desk Administrator Portal Arbitrary File Upload', 'Description' = %q This module exploits a file upload vulnerability in...
SysAid Help Desk Administrator Portal Arbitrary File Upload Exploit
This Metasploit module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in the ChangePhoto.jsp in the administrator portal, which does not handle correctly directory traversal sequences and does not enforce file extension restrictions. You need to have an...
SysAid Help Desk Administrator Portal Arbitrary File Upload
This module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in the ChangePhoto.jsp in the administrator portal, which does not correctly handle directory traversal sequences and does not enforce file extension restrictions. While an attacker needs an administrat...
CVE-2015-2348
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected...
Adobe Acrobat Unspecified vulnerability
This host has Adobe Acrobat installed, which is prone to an unspecified vulnerability. OpenVAS Vulnerability Test $Id: gb_adobe_acrobat_unspecified_vuln.nasl 8210 2017-12-21 10:26:31Z cfischer $ Adobe Acrobat Unspecified vulnerability Authors: Nikta MR Copyright: Copyright (c) 2009 Greenbone Networks GmbH,...
CVE-2009-3461
Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors...
CVE-2009-3461
Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors...
CVE-2009-3461
Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors...
CVE-2009-3461
Adobe Acrobat 9.x before 9.2 is affected by an unspecified vulnerability that allows bypassing intended file-extension restrictions via unknown vectors. The issue affects Acrobat on affected builds and can lead to complete confidentiality/integrity/availability impact per CVSS 9.3. Remediation re...
Mambo 4.6.3 arbitrary file upload
Step 1: Using the POST method, send a file to: http://victim.com/mambo4.6.5/mambots/editors/mostlyce/jscripts/tinymce/filemanager/connectors/php/connector.php?Command=FileUpload The file should have one of the following extensions: zip, doc, xls, pdf, rtf, csv, jpg, gif, jpeg, png, avi, mpg, mpeg, swf, fla...
PT-2006-3389 · Dubanner · Dubanner
Name of the Vulnerable Software and Affected Versions: DUbanner version 3.1 Description: The issue allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, to the add.asp endpoint, probably due to client-side enforcement that can be...