970 matches found
WordPress Holding Pattern Theme Arbitrary File Upload
This module exploits a file upload vulnerability in all versions of the Holding Pattern theme found in the uploadfile.php script which contains no session or file validation. It allows unauthenticated users to upload files of any type and subsequently execute PHP scripts in the context of the web...
WordPress Theme Holding Pattern - Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'socket' class MetasploitModule 'WordPress Holding Pattern Theme Arbitrary File Upload', 'Description' = %q This module exploits a file...
flashplugin: multiple issues
CVE-2015-0311 remote code execution Unspecified vulnerability allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015. - CVE-2015-0309 remote code execution Heap-based buffer overflow allows attackers to execute arbitrary code via...
articleFR CMS 3.0.5 Arbitrary File Upload
Vulnerability title: Arbitrary File Upload in articleFR CMS 3.0.5 Product: articleFR CMS Vendor: http://freereprintables.com Affected version: version 3.0.5 Download link: https://github.com/articlefr/articleFR Fixed version: N/A Author: Tran Dinh Tien [email protected] & ITAS Team www.itas.vn...
Adobe Flash Player Multiple Vulnerabilities-01 (Jan 2015) - Linux
Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...
flashplayer to version 11.2.202.429 (important)
Following issues was resolved in this update: an improper file validation issue CVE-2015-0301, an information disclosure vulnerability that could be exploited to capture keystrokes on the affected system CVE-2015-0302, memory corruption vulnerabilities that could lead to code execution...
Updated flash-player-plugin packages fix security vulnerabilities
Adobe Flash Player 11.2.202.429 contains fixes to critical security vulnerabilities found in earlier versions that could potentially allow an attacker to take control of the affected system. This update resolves an improper file validation issue CVE-2015-0301. This update resolves an information...
flash-plugin: Information disclosure via various methods (APSB15-01)
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do n...
CVE-2015-0301
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do n...
UBUNTU-CVE-2015-0301
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do n...
CVE-2015-0301
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 do n...
Flash Player <= 16.0.0.235 Multiple Vulnerabilities (APSB15-01)
According to its version, the installation of Adobe Flash Player installed on the remote Windows host is equal or prior to 16.0.0.235. It is, therefore, affected by the following vulnerabilities : - An unspecified improper file validation issue. CVE-2015-0301 - An unspecified information disclosu...
Adobe AIR for Mac <= 15.0.0.356 Multiple Vulnerabilities (APSB15-01)
According to its version, the Adobe AIR installed on the remote Mac OS X host is equal or prior to 15.0.0.356. It is, therefore, affected by the following vulnerabilities : - An unspecified improper file validation issue. CVE-2015-0301 - An unspecified information disclosure vulnerability, which...
Google Chrome < 39.0.2171.99 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is a version prior to 39.0.2171.99. It is, therefore, affected by the following vulnerabilities : - An unspecified improper file validation issue. CVE-2015-0301 - An unspecified information disclosure vulnerability, which can be...
Flash Player For Mac <= 16.0.0.235 Multiple Vulnerabilities (APSB15-01)
According to its version, the installation of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to 16.0.0.235. It is, therefore, affected by the following vulnerabilities : - An unspecified improper file validation issue. CVE-2015-0301 - An unspecified information...
MS KB3024663: Update for Vulnerabilities in Adobe Flash Player in Internet Explorer
The remote host is missing KB3024663. It is, therefore, affected by the following vulnerabilities : - An unspecified improper file validation issue. CVE-2015-0301 - An unspecified information disclosure vulnerability, which could be exploited to capture keystrokes. CVE-2015-0302 - Multiple memory...
Google Chrome < 39.0.2171.99 Multiple Vulnerabilities (Mac OS X)
The version of Google Chrome installed on the remote Mac OS X host is a version prior to 39.0.2171.99. It is, therefore, affected by the following vulnerabilities : - An unspecified improper file validation issue. CVE-2015-0301 - An unspecified information disclosure vulnerability, which can be...
Adobe AIR <= 15.0.0.356 Multiple Vulnerabilities (APSB15-01)
According to its version, the Adobe AIR installed on the remote Windows host is equal or prior to 15.0.0.356. It is, therefore, affected by the following vulnerabilities : - An unspecified improper file validation issue. CVE-2015-0301 - An unspecified information disclosure vulnerability, which c...
Adobe Flash Player Improper File Validation (APSB15-01: CVE-2015-0301)
An improper file validation issue has been reported in Adobe Flash Player. The vulnerability occurs when the Flash Broker application allows malicious dlls or exes files to be written to one of the whitelisted directories. such a malicious dll dropped in these directories could be used to deliver...
WordPress Symposium Plugin Unauthenticated Shell Upload (CVE-2014-10021)
WordPress Symposium plugin allows user to upload files without proper validation of file type. Successful exploitation of this issue may allow execution of arbitrary code on a vulnerable system...