724 matches found
Remote Command Execution (RCE)
Codiad is vulnerable to remote code execution (RCE) attacks. A malicious user can embed shell commands in parameter values sent to components/filemanager/class.filemanager.php and execute them...
CVE-2017-11366
components/filemanager/class.filemanager.php in Codiad before 2.8.4 is vulnerable to remote command execution because shell commands can be embedded in parameter values, as demonstrated by searchfiletype...
Design/Logic Flaw
In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to admin/moduleinterface.php...
CVE-2017-11404
In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to admin/moduleinterface.php...
Arbitrary File Upload Vulnerability in Pixie CMS Backend
Pixie CMS is a full-featured and easy-to-use website builder. An arbitrary file upload vulnerability exists in the Pixie CMS backend modfilemanager.php file $multiupload-extensions. An attacker can use this vulnerability to upload arbitrary files and execute arbitrary code...
Design/Logic Flaw
Pixie 1.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via the POST data in an admin/index.php?s=publish&x=filemanager request for a filename with a double extension, such as a .jpg.php file with Content-Type of image/jpeg...
Picosafe Web Gui - Multiple Vulnerabilities
Exploit for php platform in category web applications - Title : Picosafe Web Gui - Multiple Vulnerabilities - Author : Shahab Shamsi - Vendor : https://github.com/embeddedprojects/picosafewebgui - Category : Webapps - Date : 01.October.2016 Vulnerable page :...
Picosafe Web GUI - Multiple Vulnerabilities
Title : Picosafe Web Gui - Multiple Vulnerabilities - Author : Shahab Shamsi - Vendor : https://github.com/embeddedprojects/picosafewebgui - Category : Webapps - Date : 01.October.2016 Vulnerable page : picosafewebgui/webinterface/js/filemanager/filemanager.php Remote...
Kaspersky FileManager Cross Site Scripting
Document Title: Kaspersky Company Account - FileManager Vulnerability; References Source: http://www.vulnerability-lab.com/getcontent.php?id=1924; Release Date: 2016-08-30; Vulnerability Laboratory ID VL-ID: 1924...
Kaspersky Company Account - FileManager Vulnerability
Document Title: Kaspersky Company Account - FileManager Vulnerability; References Source: https://www.vulnerability-lab.com/getcontent.php?id=1924 Video: https://www.vulnerability-lab.com/getcontent.php?id=1976; Release Date: 2016-08-30; Vulnerabili...
Kaspersky Company Account - FileManager Vulnerability
Document Title: Kaspersky Company Account - FileManager Vulnerability; References Source: https://www.vulnerability-lab.com/getcontent.php?id=1924 Video: https://www.vulnerability-lab.com/getcontent.php?id=1976; Release Date: 2016-08-29; Vulnerabili...
DornCMS 1.4 FileManager Cross Site Scripting
Document Title: DornCMS v1.4 - FileManager Persistent Cross Site Scripting Vulnerability; References Source: http://www.vulnerability-lab.com/getcontent.php?id=1885; Release Date: 2016-07-26; Vulnerability Laboratory ID VL-ID:...
KNOX 2.3 Clipboard Data Disclosure
Subject: CVE-2016-3996 KNOX clipboard data disclosure; KNOX 1.0 - KNOX 2.3 / Android; Vulnerability Description: The vulnerability allows disclosure of Clipboard data of Samsung KNOX 1.0 and 2.3 containers. On KNOX-enabled devices there exists a proprietary service called...
SIMOGEO FileManager 2.3.0 Path Traversal
Exploit Title: SIMOGEO FileManager 2.3.0 - Path Traversal Vulnerability Date: 2015-12-09 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone http://github.com/simogeo/Filemanager.git Version: 2.3.0...
SIMOGEO FileManager 2.3.0 File Upload
Exploit Title: SIMOGEO FileManager 2.3.0 - File Upload Vulnerability Date: 2015-12-09 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone http://github.com/simogeo/Filemanager.git Version: 2.3.0 Test...
SIMOGEO FileManager 2.3.0 - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: SIMOGEO FileManager 2.3.0 - Path Traversal Vulnerability Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone...
CVE-2015-1422
Multiple cross-site scripting (XSS) vulnerabilities in Gecko CMS 2.2 and 2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) horder, (2) jakcatid, (3) jakcontent, (4) jakcss, (5) jakdeletelog, (6) jakemail, (7) jakextfile, (8) jakfile, (9) jakhookshow, (10) jakimg, (11) jakjavascript, (12)...
b2evolution 'filemanager' cross-site scripting vulnerability
b2evolution is a PHP and MySQL based blogging software developed by software developer Francois Planque. A cross-site scripting vulnerability exists in b2evolution 'filemanager'. The blogs/admin.php script fails to adequately filter the 'fmfilter' parameter. A remote attacker can exploit the...