406 matches found

Cvelist | added 2017/11/12 6:0 p.m. | 18 views

CVE-2017-16798

In CMS Made Simple 2.2.3.1, the isfileacceptable function in modules/FileManager/action.upload.php only blocks file extensions that begin or end with a "php" substring, which allows remote attackers to bypass intended access restrictions or trigger XSS via other extensions, as demonstrated by...

AI score 5.3 | EPSS 0.00857
Exploits 0 | References 1
Prion | added 2017/10/12 8:29 a.m. | 13 views

Remote code execution

X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. This vulnerability exists because the application fails to check remote file extensions before saving locally. This vulnerability can be exploited by anyone with Vendor access or higher. One attack methodology is ...

CVSS 6.5 | AI score 8.8 | EPSS 0.02072
Exploits 1 | References 1 | Affected Software 1
Cvelist | added 2017/10/12 8:0 a.m. | 17 views

CVE-2017-15285

X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. This vulnerability exists because the application fails to check remote file extensions before saving locally. This vulnerability can be exploited by anyone with Vendor access or higher. One attack methodology is ...

AI score 8.9 | EPSS 0.02072
Exploits 1 | References 1
n0where | added 2017/08/30 4:21 a.m. | 25 views

Domain Analyzer

Domain analyzer is a security analysis tool which automatically discovers and reports information about the given domain. Its main purpose is to analyze domains in an unattended way. Domain analyzer takes a domain name and finds information about it, such as DNS servers, mail servers, IP addresse...

AI score 6.5
Exploits 0 | References 1
Prion | added 2017/02/07 4:59 p.m. | 13 views

Input validation

IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system...

CVSS 6.5 | AI score 8.1 | EPSS 0.02685
Exploits 0 | References 2 | Affected Software 1
Cvelist | added 2017/02/07 4:0 p.m. | 25 views

CVE-2016-6104

IBM Tivoli Key Lifecycle Manager 2.5, and 2.6 could allow a remote attacker to upload arbitrary files, caused by the improper validation of file extensions, which could allow the attacker to execute arbitrary code on the vulnerable system...

AI score 7.3 | EPSS 0.02685
Exploits 0 | References 2
NVD | added 2017/01/17 9:59 a.m. | 20 views

CVE-2017-5520

The media rename feature in GeniXCMS through 0.0.8 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to rename and execute files with the .php6, .php7 and .phtml extensions...

CVSS 8.8 | AI score 8.8 | EPSS 0.01757
Exploits 1 | References 2
Prion | added 2016/12/05 5:59 p.m. | 15 views

Code injection

The file scanning mechanism of JFilterInput::isFileSafe in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the .php6, .php7, .phtml, and .phpt extensions. Additionally,...

CVSS 7.5 | AI score 7.2 | EPSS 0.01883
Exploits 2 | References 2 | Affected Software 1
OSV | added 2016/12/05 5:59 p.m. | 7 views

CVE-2016-9836

The file scanning mechanism of JFilterInput::isFileSafe in Joomla! CMS before 3.6.5 does not consider alternative PHP file extensions when checking uploaded files for PHP content, which enables a user to upload and execute files with the .php6, .php7, .phtml, and .phpt extensions. Additionally,...

CVSS 9.8 | AI score 6.9
Exploits 0 | References 2
Hacker One | added 2016/11/16 4:34 p.m. | 26 views

Brave Software: links the user may download can be malicious files

Hi, Summary: This vulnerability is pretty simple and pretty dangerous at the same time. For almost any link the user tries to download, its extension is set according to the file extension in the path; if the path is /, then it downloads it according to the domain name. Eg: 1...

AI score 6.8
Exploits 0
Joomla! Vulnerable Extensions List | added 2016/10/26 12:0 a.m. | 45 views

[20161202] - Core - Shell Upload

Inadequate filesystem checks allowed files with alternative PHP file extensions to be uploaded...

CVSS 9.8 | AI score 2.2 | EPSS 0.01883
Exploits 2 | Affected Software 1
Tenable Nessus | added 2016/07/11 12:0 a.m. | 27 views

Malicious File Detection Using Yara

Binary data wmimalwareyarafilesystem.nbin...

AI score 7.3
Exploits 0 | References 1
Packet Storm | added 2016/06/23 12:0 a.m. | 25 views

WordPress Ultimate Product Catalog 3.8.6 Shell Upload

Exploit Title: Wordpress Ultimate-Product-Catalog v3.8.6 Arbitrary file RCE
Date: 2016-06-23
Google Dork: Index of /wp-content/plugins/ultimate-product-catalogue/
Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY
Vendor Homepage: http://www.EtoileWebDesign.com/
plugin uri:...

AI score 0.3
Exploits 0
ThreatPost | added 2016/04/20 1:53 p.m. | 15 views

Latest TeslaCrypt Targets New File Extensions, Invests Heavily in Evasion

TeslaCrypt, like many of its ransomware cousins, doesn’t sleep on past success. Researchers at Endgame Inc., have found two updates for the cryptoransomware in the past two weeks that invest heavily in obfuscation and evasion techniques, and also target a host of new file extensions. These sample...

AI score 7.5
Exploits 0 | References 6
Tenable Nessus | added 2016/04/11 12:0 a.m. | 18 views

Malicious File Detection: User Defined Malware

Binary data wmimalwareusermd5sfilescan.nbin...

AI score 7.3
Exploits 0
Japan Vulnerability Notes | added 2015/12/17 12:0 a.m. | 50 views

JVN#64636058: WinRAR may insecurely load executable files

WinRAR contains a function where user specified files on the local disk can be executed. When this file does not have a file extension, a file of the same name with a file extension contained in the same folder may be executed by WinRAR instead of the user specified file. WinRAR also contains a...

CVSS 7.4 | AI score 7.2 | EPSS 0.00914
Exploits 0
Zero Day Initiative | added 2015/09/16 12:0 a.m. | 33 views

Symantec Web Gateway Arbitrary PHP File Upload Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is required to exploit this vulnerability, however it can be bypassed via reflected cross-site scripting. The specific flaw exists within the adminmessages.php...

CVSS 8.5 | AI score 6.9 | EPSS 0.05122
Exploits 0 | References 1
Openbugbounty | added 2015/07/20 11:14 a.m. | 12 views

reviversoft.com XSS vulnerability

Open Bug Bounty ID: OBB-74353
Affected Website: reviversoft.com
Open Bug Bounty Program: Create your bounty program now. It's open and free.
Vulnerable Application: Custom Code
Vulnerability Type: XSS Cross Site Scripting / CWE-79
CVSSv3 Score: 6.1...

AI score 6.3
Exploits 0
Openbugbounty | added 2015/07/20 6:16 a.m. | 14 views

reviversoft.com XSS vulnerability

Open Bug Bounty ID: OBB-74226
Affected Website: reviversoft.com
Open Bug Bounty Program: Create your bounty program now. It's open and free.
Vulnerable Application: Custom Code
Vulnerability Type: XSS Cross Site Scripting / CWE-79
CVSSv3 Score: 6.1...

AI score 6.3
Exploits 0
Tenable Nessus | added 2015/07/16 12:0 a.m. | 20 views

Fedora 22 : drupal7-feeds-2.0-0.12.alpha9.fc22 (2015-10994)

7.x-2.0-alpha9: This is a security release. People running 7.x-2.0-alpha8 or below should update. This release only contains security fixes, no additional bug fixes or features. Changes since 7.x-2.0-alpha8: - Issue 2495145 by twistor, cashwilliams, greggles, klausi: Possible XSS in...

AI score 5.4
Exploits 0 | References 2