DM FileManager 3.9.2 Insecure Cookie

DM FileManager 3.9.2 Insecure Cookie Handling Vuln Founder: ThE g0bL!N ------ Home: http:/www.4ckx.com/dz/ ---- Vendor:http://dutchmonkey.com Special Thx: Snakespc Note: Algerie 3-1 Egypt Exploit: ------ javascript:document.cookie="USER=user name ;path=/";...

CVE-2009-1741

Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...

CVE-2009-1741

CVE-2009-1741 relates to DM FileManager 3.9.2, where login.php contains multiple SQL injection vulnerabilities when magic_quotes_gpc is disabled. Remote attackers can cause arbitrary SQL execution via the (1) Username and (2) Password fields. The NVD notes a CVSSv2 base score of 6.8 (MEDIUM). No ...

CVE-2009-1741

Multiple SQL injection vulnerabilities in login.php in DM FileManager 3.9.2, when magicquotesgpc is disabled, allow remote attackers to execute arbitrary SQL commands via the 1 Username and 2 Password fields...

DM FileManager 3.9.2 (Auth Bypass) SQL Injection Vulnerability

No description provided by source. -------------------------AllaH AkbaR------------------------------- dm-filemanager Auth Bypass Remote Sql Injection --------------------------------------------------------------------------- Discovered By: Snakespc ALGERIAN HaCkEr Mail: [email protected]...

DM FileManager 3.9.2 - Authentication Bypass

-------------------------AllaH AkbaR------------------------------- dm-filemanager Auth Bypass Remote Sql Injection --------------------------------------------------------------------------- Discovered By: Snakespc ALGERIAN HaCkEr Mail: [email protected] Site:http://www.snakespc.com/sc/index.ph...

DM FileManager 3.9.2 - Authentication Bypass

DM FileManager 3.9.2 - Authentication Bypass -------------------------AllaH AkbaR------------------------------- dm-filemanager Auth Bypass Remote Sql Injection --------------------------------------------------------------------------- Discovered By: Snakespc ALGERIAN HaCkEr Mail:...

DM FileManager 3.9.2 SQL Injection

-------------------------AllaH AkbaR------------------------------- dm-filemanager Auth Bypass Remote Sql Injection --------------------------------------------------------------------------- Discovered By: Snakespc ALGERIAN HaCkEr Mail: [email protected] Site:http://www.snakespc.com/sc/index.ph...

DM FileManager 3.9.2 (Auth Bypass) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ============================================================== DM FileManager 3.9.2 Auth Bypass SQL Injection Vulnerability ==============================================================...

CVE-2008-6685

Unspecified vulnerability in Frontend Filemanager airfilemanager 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors...

CVE-2008-6685

The CVE-2008-6685 entry concerns Frontend Filemanager (air_filemanager) 0.6.1 and earlier TYPO3 extension. It describes an unspecified vulnerability that allows remote attackers to execute arbitrary commands via unknown vectors. The available sources confirm the affected software and the remote c...

CVE-2008-6685

Unspecified vulnerability in Frontend Filemanager airfilemanager 0.6.1 and earlier extension for TYPO3 allows remote attackers to execute arbitrary commands via unknown vectors...

SoftArtisans XFile FileManager ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in SoftArtisans XFile FileManager ActiveX control SAFmgPwd.dll 2.0.5.3. When sending an overly long string to the GetDriveName method an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download...

WeBid 0.5.4 (fckeditor) Remote Arbitrary File Upload Exploit

No description provided by source. ?php / ----------------------------------------------------------------- WeBid v0.5.4 fckeditor Remote Arbitrary File Upload Exploit ----------------------------------------------------------------- author...: Stack - vulnerable code in...

CVE-2007-1682

Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the 1 BuildPath, 2 GetDriveName, 3 DriveExists, or 4 DeleteFile method...

CVE-2007-1682

SoftArtisans XFile FileManager ActiveX control (SAFmgPws.dll) is affected by CVE-2007-1682 through vulnerable BuildPath(), GetDriveName(), DriveExists(), and DeleteFile() methods. The vulnerability is a stack-based buffer overflow in XFile before version 2.4.0 that could allow remote code executi...

SoftArtisans XFile文件管理器ActiveX控件多个缓冲区溢出漏洞

BUGTRAQ ID:30826 CVE ID：CVE-2007-1682 CNCVE ID：CNCVE-20081682 SoftArtisans XFile是一款文件传送应用程序ActiveX控件。 XFile FileManager ActiveX控件存在多个缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 由SAFmgPws.dll提供的XFile FileManager ActiveX控件处理BuildPath, GetDriveName, DriveExists,...

SoftArtisans XFile FileManager ActiveX control stack buffer overflows

Overview The SoftArtisans XFile FileManager ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SoftArtisans XFile is an ActiveX file transfer application. The XFile FileManager...

XHP CMS Version <= 0.5 File Upload Vulnerability

The remote webserver is hosting a PHP script which is vulnerable to a unrestricted file upload flaw. Description : XHP CMS is installed on the remote system. The installed application does not authenticate users to access the FileManager scripts located at:...

CVE-2008-3712

Multiple cross-site scripting XSS vulnerabilities in Mambo 4.6.2 and 4.6.5, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 query string to mambots/editors/mostlyce/jscripts/tinymce/filemanager/connectors/php/connector.php and the 2...