Rich FileManager 2.7.0 Cross Site Scripting
Title: Rich FileManager v2.7.0 XSS via file uploads vulnerability | Author: indoushka | Telegram: @indoushka | Tested on: Windows 10 Français V.Pro | Vend...
Free CMS 1.0a Cross Site Scripting
Title: Free CMS 1.0a XSS via file uploads vulnerability | Author: indoushka | Telegram: @indoushka | Tested on: Windows 10 Français V.Pro | Vendor:...
CVE-2016-6598
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service FileStorageService on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web...
Multiple Vulnerabilities in Beipiao's Microclass App
Beipiao Microcourse APP is educational course-learning software. The Beipiao Microcourse APP has vulnerabilities allowing arbitrary user registration, arbitrary user password reset and arbitrary file upload. An attacker can use these vulnerabilities to register any account, reset any password an...
Western Digital MyCloud Remote Code Execution (CVE-2017-17560)
A remote code execution vulnerability exists within Western Digital MyCloud servers. This is due to the way the MyCloud servers handle file uploads to specific directories. A successful attack could lead to a remote code execution and stolen information...
WordPress AccessKeys AccessPress Anonymous Post Pro Plugin Arbitrary File Upload Vulnerability
WordPress is the WordPress Software Foundation's blogging platform, developed in PHP; it runs on PHP and MySQL servers and is used to set up personal blog sites. AccessKeys AccessPress Anonymous Post Pro is one of its anonymous-publishing plugins. An arbitrary...
CVE-2017-16949
An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and...
MGASA-2017-0400 Updated tomcat packages fix security vulnerability
When running with HTTP PUTs enabled (e.g. via setting the readonly initialization parameter of the Default servlet to false), it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server...
Design/Logic Flaw
edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter...
CVE-2017-13982
A directory traversal vulnerability in HPE BSM Platform Application Performance Management System Health product versions 9.26, 9.30 and 9.40, allows users to upload unrestricted files...
CVE-2017-14079
Unrestricted file uploads in Trend Micro Mobile Security Enterprise versions before 9.7 Patch 3 allow remote attackers to execute arbitrary code on vulnerable installations...
Code injection
Vulnerability in WordPress plugin flickr-picture-backup v0.7: the code in flickr-picture-download.php does not check whether the user is authenticated or has permission to upload files...
CVE-2017-11317
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code...
Code injection
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX before R1 2017 and R2 before R2 2017 SP2 uses weak RadAsyncUpload encryption, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code...
Code injection
Progress Telerik UI for ASP.NET AJAX before R2 2017 SP2 does not properly restrict user input to RadAsyncUpload, which allows remote attackers to perform arbitrary file uploads or execute arbitrary code...
CVE-2017-11317
CVE-2017-11317 affects Telerik Web UI for ASP.NET AJAX prior to R1 2017 and R2 prior to R2 2017 SP2. The issue is a weak encryption/serialization flaw in RadAsyncUpload that enables remote attackers to upload arbitrary files or execute arbitrary code. The root cause is described as a deserializat...
CVE-2017-11151
A vulnerability in synothemeupload.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to upload arbitrary files without authentication via the logoupload action...
Arbitrary Code Execution
Bolt is vulnerable to arbitrary code execution. The library does not properly check the file type during file uploads, and the theme editor allows the renaming of file extensions. This allows a malicious user to inject and execute arbitrary PHP code by passing a PHP file saved with a different fil...