Wordpress Work-The-Flow Plugin 1.2.1 - Arbitrary File Upload

No description provided by source. !/usr/bin/env python -- coding: utf-8 -- from pocsuite.net import req from pocsuite.poc import Output, POCBase from pocsuite.utils import register from pocsuite.lib.utils.password import getWeakPassword from pocsuite.lib.utils.password import getLargeWeakPasswor...

Sitecom MD-25x Multiple Vulnerabilities Reverse Root Shell Exploit

No description provided by source. !/usr/bin/python Exploit Title: Sitecom MD-253 and MD-254 Network Storage Reverse Shell Exploit Date: 09/11/12 Exploit Author: Mattijs van Ommeren mattijs at alcyon dot nl Vendor Homepage: http://www.sitecom.com Software Link:...

Print n Share v5.5 iOS - Multiple Web Vulnerabilities

No description provided by source. Document Title: =============== Print n Share v5.5 iOS - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1154 Release Date: ============= 2013-12-06 Vulnerability Laboratory ID VL-ID:...

Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other...

Flash content-type sniffing allows Cross Site Data Hijacking

As documented at http://blog.detectify.com/post/86298380233/the-pitfalls-of-allowing-file-uploads-on-your-website it is possible to upload a flash file to confluence with a different content-type than for flash and when embedded on an attacker's domain will be able to make requests to the...

openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:1138-1)

The blowfish password hashing implementation did not properly handle 8-characters in passwords, which made it easier for attackers to crack the hash CVE-2011-2483. After this update existing hashes with id '$2a$' for passwords that contain 8-bit characters will no longer be compatible with newly...

openSUSE Security Update : php5 (openSUSE-SU-2012:0551-1)

Scripts that accept multiple file uploads in a single request were potentially vulnerable to a directory traversal attack %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-244. The...

openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:1137-1)

The blowfish password hashing implementation did not properly handle 8-characters in passwords, which made it easier for attackers to crack the hash CVE-2011-2483. After this update existing hashes with id '$2a$' for passwords that contain 8-bit characters will no longer be compatible with newly...

IBM WebSphere Application Server 8.5 < Fix Pack 8.5.5.2 Multiple Vulnerabilities

IBM WebSphere Application Server 8.5 prior to Fix Pack 8.5.5.2 appears to be running on the remote host and is, therefore, potentially affected by the following vulnerabilities : - Numerous errors exist related to the included IBM SDK for Java based on the Oracle JDK that could allow denial of...

Symantec Workspace Streaming - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rexml/document' class Metasploit3 'Symantec Workspace Streaming Arbitrary File Upload', 'Description' = %q This module exploits a code executio...

WordPress Uploader Plugin Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress"; ifdescription...

OpenSupports Remote Shell Upload Vulnerability

Sites powered by OpenSupports suffer from a remote shell upload vulnerability. Exploit Title: Open Support Arbitrary Remote File Upload Vulnerabilities Google Dork: allintext: "Power by OpenSupports © 2009 - 2014. All Rights reserved" Date: 02,March 02,2014 Exploit Author: Slotleet Vendor Homepag...

MGASA-2013-0352 Updated perl-HTTP-Body packages fix CVE-2013-4407

Updated perl-HTTP-Body package fixes security vulnerability: Jonathan Dolle reported a design error in HTTP::Body, a Perl module for processing data from HTTP POST requests. The HTTP body multipart parser creates temporary files which preserve the suffix of the uploaded file. An attacker able to...

ImpressPages CMS v3.6 manage() Function Remote Code Execution Exploit

Summary ImpressPages CMS is an open source web content management system with revolutionary drag & drop interface. Description The vulnerability is caused due to the improper verification of uploaded files in '/ipcms/modules/developer/configexpimp/manager.php' script thru the 'manage' function...

FreeBSD : wordpress -- multiple vulnerabilities (043d3a78-f245-4938-9bc7-3d0d35dd94bf)

The wordpress development team reports : - Block unsafe PHP unserialization that could occur in limited situations and setups, which can lead to remote code execution. - Prevent a user with an Author role, using a specially crafted request, from being able to create a post 'written by' another...

Arkeia Appliance <= 10.0.10 Multiple Vulnerabilities - Active Check

Arkeia Appliance is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2013-5738

The getallowedmimetypes function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfilteredhtml capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file...

DEBIAN-CVE-2013-5739

The default configuration of WordPress before 3.6.1 does not prevent uploads of .swf and .exe files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file, related to the getallowedmimetypes function in wp-includes/functions.php...

CVE-2013-5738

The getallowedmimetypes function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfilteredhtml capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file...

Cross site scripting

The getallowedmimetypes function in wp-includes/functions.php in WordPress before 3.6.1 does not require the unfilteredhtml capability for uploads of .htm and .html files, which might make it easier for remote authenticated users to conduct cross-site scripting XSS attacks via a crafted file...