businesswiki 2.5rc3 - Stored XSS & arbitrary file upload

No description provided by source. !/usr/bin/python ''' Exploit Title: Stored XSS & Arbitrary File Upload Vulnerabilities in BusinessWiki. Date: 23/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://onbusinesswiki.com/ Software Link:...

Alex News-Engine 1.5.1 - Remote Arbitrary File Upload Vulnerability

No description provided by source. Yellow Flood Organization Alex News-engine fckeditor Arbitrary File Upload Source: http://www.alexscriptengine.de/blog/category/news-engine/ Download: http://www.alexscriptengine.de/blog/asedownloads/news-engine/ Discover by: Batter - Vulnerability:...

EasyWeb 1.0 FileManager Module Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10792/info EasyWeb is prone to a directory traversal vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. The issue occurs if a remote attacker sends a request to the...

DM Filemanager 3.9.11 Arbitrary File Upload Vulnerability

No description provided by source. ?php / ----------------------------------------------------------------- DM Filemanager fckeditor Remote Arbitrary File Upload Exploit ----------------------------------------------------------------- Vendor: www.dutchmonkey.com Download :...

AuraCMS 3.0 - Multiple Vulnerabilities

No description provided by source. Exploit Title: AuraCMS 3.0 Multiple Vulnerabilities Date: 05/28/2014 Author: Mustafa ALTINKAYNAK Download URL :http://auracms.org/ Software Link: http://codeload.github.com/auracms/AuraCMS/zip/master Vuln Category: CWE-79 XSS - CWE-98 LFI Tested on: AuraCMS 3.0...

dm filemanager 3.9.4 - Remote File Inclusion Vulnerability

No description provided by source. + DM FileManager 3.9.4 Remote File Include Vulnerability + Author : Septemb0x + www.Cyber-Warrior.Org - Information Technology's World + Greetz : BARCOD3 And All Friends... + Dork : Yok Dork Mork :D + Download Script : http://uploaded.to/file/3z84ie + Product Si...

Wordpress wp-FileManager - Arbitrary File Download Vulnerability

No description provided by source. Title: Wordpress wp-FileManager Local File Download Vulnerability Author: ByEge Download: http://wordpress.org/extend/plugins/wp-filemanager/ Test Platform: Linux Images: http://j1305.hizliresim.com/19/f/n0xxf.jpg Vuln. Plat.: Web Application Google Dorks:...

EditorMonkey WordPress Plugin (FCKeditor) 2.5 - Arbitrary File Upload

No description provided by source. WordPress EditorMonkey FCKeditor Remote File Upload Author : kaMtiEz [email protected] Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id Date : 14 May, 2011 Software Information + Vendor :...

CVE-2014-3782

Multiple incomplete blacklist vulnerabilities in the filemanager::isFileExclude method in the Media Manager in Dotclear before 2.6.3 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a 1 double extension or 2 .php5, 3 .phtml, or some other PHP file extension...

CVE-2014-3782

Multiple incomplete blacklist vulnerabilities in the filemanager::isFileExclude method in the Media Manager in Dotclear before 2.6.3 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a 1 double extension or 2 .php5, 3 .phtml, or some other PHP file extension...

CVE-2014-3782

Summary: CVE-2014-3782 affects Dotclear

DevExpress ASPxFileManager 10.2 13.2.8 - Directory Traversal

DevExpress ASPxFileManager 10.2 13.2.8 - Directory Traversal Advisory: Directory Traversal in DevExpress ASP.NET File Manager During a penetration test RedTeam Pentesting discovered a directory traversal vulnerability in DevExpress' ASP.NET File Manager and File Upload. Attackers are able to read...

DevExpress ASP.NET File Manager 13.2.8 Directory Traversal

DevExpress ASP.NET File Manager versions 10.2 through 13.2.8 suffer from a directory traversal vulnerability. Directory Traversal in DevExpress ASP.NET File Manager During a penetration test RedTeam Pentesting discovered a directory traversal vulnerability in DevExpress' ASP.NET File Manager and...

CVE-2014-3974

Cross-site scripting XSS vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter...

CVE-2014-3975

Absolute path traversal vulnerability in filemanager.php in AuraCMS 3.0 allows remote attackers to list a directory via a full pathname in the viewdir parameter...

Cross site scripting

Cross-site scripting XSS vulnerability in filemanager.php in AuraCMS 3.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the viewdir parameter...

AuraCMS 3.0 - Multiple Vulnerabilities

Exploit for php platform in category web applications Exploit Title: AuraCMS 3.0 Multiple Vulnerabilities Date: 05/28/2014 Author: Mustafa ALTINKAYNAK Download URL :http://auracms.org/ Software Link: http://codeload.github.com/auracms/AuraCMS/zip/master Vuln Category: CWE-79 XSS - CWE-98 LFI Test...

AuraCMS 3.0 Cross Site Scripting / Local File Inclusion

Exploit Title: AuraCMS 3.0 Multiple Vulnerabilities Date: 05/28/2014 Author: Mustafa ALTINKAYNAK Download URL :http://auracms.org/ Software Link: http://codeload.github.com/auracms/AuraCMS/zip/master Vuln Category: CWE-79 XSS - CWE-98 LFI Tested on: AuraCMS 3.0 Tested Local Platform : XAMP on...

AuraCMS 3.0 - Multiple Vulnerabilities

AuraCMS 3.0 - Multiple Vulnerabilities Exploit Title: AuraCMS 3.0 Multiple Vulnerabilities Date: 05/28/2014 Author: Mustafa ALTINKAYNAK Download URL :http://auracms.org/ Software Link: http://codeload.github.com/auracms/AuraCMS/zip/master Vuln Category: CWE-79 XSS - CWE-98 LFI Tested on: AuraCMS...

AuraCMS 3.0 - Multiple Vulnerabilities

Exploit Title: AuraCMS 3.0 Multiple Vulnerabilities Date: 05/28/2014 Author: Mustafa ALTINKAYNAK Download URL :http://auracms.org/ Software Link: http://codeload.github.com/auracms/AuraCMS/zip/master Vuln Category: CWE-79 XSS - CWE-98 LFI Tested on: AuraCMS 3.0 Tested Local Platform : XAMP on...