724 matches found
CVE-2014-9599
Cross-site scripting XSS vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fmfilter parameter to blogs/admin.php...
Cross site scripting
Cross-site scripting XSS vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fmfilter parameter to blogs/admin.php...
CVE-2014-9599
Cross-site scripting XSS vulnerability in the filemanager in b2evolution before 5.2.1 allows remote attackers to inject arbitrary web script or HTML via the fmfilter parameter to blogs/admin.php...
CMS b2evolution 5.2.0 Cross Site Scripting Vulnerability
CMS b2evolution version 5.2.0 suffers from a cross site scripting vulnerability. Advisory: Reflecting XSS vulnerability in CMS filemanager of b2evolution v. 5.2.0 Author: Steffen Rösemann Affected Software: CMS b2evolution v. 5.2.0 Release-Date: 6th-Dec-2014 Vendor URL: http://b2evolution.net/...
CMS b2evolution 5.2.0 Cross Site Scripting
Advisory: Reflecting XSS vulnerability in CMS filemanager of b2evolution v. 5.2.0 Advisory ID: SROEADV-2014-09 Author: Steffen Rösemann Affected Software: CMS b2evolution v. 5.2.0 Release-Date: 6th-Dec-2014 Vendor URL: http://b2evolution.net/ Vendor Status: did not respond to issue CVE-ID: -...
CMS Croogo 2.2.0 Cross Site Scripting
Advisory: Reflecting XSS vulnerability in CMS Croogo v.2.2.0 Advisory ID: SROEADV-2015-02 Author: Steffen Rösemann Affected Software: CMS Croogo v.2.20 Vendor URL: https://croogo.org Vendor Status: solved CVE-ID: - ========================== Vulnerability Description: ========================== T...
Codiad short_name Cross-Site Scripting Vulnerability
Codiad is an open source Web-based IDE application for writing and editing code online . A cross-site scripting vulnerability exists in Codiad components/filemanager/dialog.php, which allows injection of arbitrary web script or HTML via the shortname parameter, which can obtain sensitive...
e107 '/e107_admin/filemanager.php' cross-site scripting vulnerability
E107 is an open source, free and based on PHP and MySQL content management system CMS of the United States E107 company. The system supports a variety of plug-in programs and appearance of the theme , can be used as a personal blog , discussion community , archive repository and so on. A cross-si...
CVE-2014-9582
CVE-2014-9582 affects Codiad 2.4.3 in components/filemanager/dialog.php, where the short_name parameter in a rename action enables cross-site scripting (XSS). This allows remote attackers to inject arbitrary web script or HTML. The issue is explicitly noted as originally mis-mapped to CVE-2014-11...
Croogo 2.0.0 - Arbitrary PHP Code Execution
!/usr/bin/env python Croogo 2.0.0 Arbitrary PHP Code Execution Exploit Vendor: Fahad Ibnay Heylaal Product web page: http://www.croogo.org Affected version: 2.0.0 Summary: Croogo is a free, open source, content management system for PHP, released under The MIT License. It is powered by CakePHP MV...
wp-FileManager <= 1.3.0 - File Download
The wp-filemanager WordPress plugin was affected by a File Download security vulnerability. As seen in access logs: http://www.example.com/wp-content/plugins/wp-filemanager/incl/libfile.php?path=../../&filename=wp-config.php&action=download...
wp-FileManager <= 1.3.0 - File Download
The wp-filemanager WordPress plugin was affected by a File Download security vulnerability. PoC As seen in access logs: http://www.example.com/wp-content/plugins/wp-filemanager/incl/libfile.php?path=../../=wp-config.php=download...
Frog CMS 0.9.5 - Arbitrary File Upload
No description provided by source. Exploit Title: Arbitrary File Upload in Frog CMS 0.9.5 Date : 2014-07-07 Exploit Author : Javid Hussain Vendor Homepage : http://www.madebyfrog.com Exploit-DB Note: All authenticated users can upload files. If the file does not have execute permissions the CMS...
Easy FileManager 1.1 iOS - Multiple Vulnerabilities
No description provided by source...
WebJeff Filemanager 1.6 File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7995/info A vulnerability has been reported for Filemanager that may result in the disclosure of arbitrary files. The vulnerability exists due to insufficient sanitization of user-supplied values for URI parameters. A...
TinyMCE MCFileManager 2.1.2 - Arbitrary File Upload Vulnerability
No description provided by source. ============================================== File Upload Vulnerability Plugins tinymce ============================================== http://tinymce.moxiecode.com/pluginsfilemanager.php Author : Hackeri-AL Contact : h-al at hotmail dot it Greetz : LoocK3D &...
Maximus CMS (fckeditor) Arbitrary File Upload Vulnerability
No description provided by source. | | /||\ / \ /===============================================================================\ |Exploit Title: maximus-cms fckeditor Arbitrary File Upload Vulnerability | |develop: http://www.php-maximus.org | |Version: Maximus 2008 CMS: Web Portal System v.1.1....
CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit
No description provided by source. ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX mail.....:...
Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability
No description provided by source. AUTHOR : H-T TeaM HouSSaMix ToXiC350 HOME : http://no-hack.net Script : Wordpress Plugin Wp-FileManager Download : http://downloads.wordpress.org/plugin/wp-filemanager.1.2.zip BUG : Remote File Upload Vulnerability Shell Upload Exploit | 3xpl0it4t10n : This file...
Nakid CMS (fckeditor) Remote Arbitrary File Upload Exploit
No description provided by source. ?php / Title: Nakid CMS fckeditor Remote Arbitrary File Upload Exploit Developers: www.nakid.org Download : https://sourceforge.net/projects/nakidcms/files/Nakid%20CMS%20v052.rar/download Version: 0.5.2 exploited by ..: eidelweiss details..: works with an Apache...