724 matches found
mambo462-morexss.txt
---------------------------------------------------------------- Script : Mambo 4.6.2 Full & Older Versions Type : Multiple Cross Site Scripting Vulnerabilities Alert Level : Medium ---------------------------------------------------------------- Download From :...
CVE-2008-3591
SQL injection vulnerability in lib/class.admin.php in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary SQL commands via the symauth cookie in a /publish/filemanager/ request to index.php...
Authentication flaw
admin/filemanager/ aka the File Manager in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files...
Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit
No description provided by source. ?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...: EgiX mail.....:...
Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload
?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
TYPO3 Security Bulletin
Several vulnerabilities have been found in TYPO3 third party extensions. Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with neither significant download numbers nor other special importance amongst the TYPO3 Community. The intention of CSBs is to...
ProManager 0.73 - 'config.php' Local File Inclusion
-------------------------------------- Pro Manager 0.73 Local File Inclusion Vuln -------------------------------------- http://www.sfr-fresh.com/unix/privat/proManager-0.73.tar.gz -------------------------------------- By : Stack email : Wanted -------------------------------------- Exploit :...
CVE-2008-2267
The CVE-2008-2267 entry concerns CMS Made Simple (CMSMS) 1.2.4 and earlier, where the FileManager module’s Postlet component (javaUpload.php) uses an incomplete blacklist. This allows remote attackers to upload a file whose name ends with extensions such as .jsp, .php3, .cgi, .dhtml, .phtml, .php...
Multiple vulnerabilities in extension Frontend Filemanager (air_filemanager)
It has been discovered that the extension Frontend Filemanager airfilemanager is susceptible to Cross Site Scripting XSS attacks and allows Remote Code Execution. Component Type: Third party extensions. These extensions are not part of the TYPO3 default installation. Affected Versions: Version...
CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit
No description provided by source. ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX...
cmsmadesimple-upload.txt
?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
CMS Made Simple <= 1.2.4 (FileManager module) File Upload Exploit
Exploit for unknown platform in category web applications ================================================================= CMS Made Simple = 1.2.4 FileManager module File Upload Exploit ================================================================= ?php /...
CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload
CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit ---------------------------------------------------------------------------...
CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload
?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...
CVE-2008-0222
CVE-2008-0222 affects the WordPress plugin WP-FileManager 1.2, where the file ajaxfilemanager.php allows unrestricted file upload and remote code execution via unspecified vectors. The issue is caused by insecure handling of uploads, enabling attackers to upload arbitrary PHP code. Affected produ...
WordPress FileManager Plugin <= 1.2 - Arbitrary File Upload
Because of this vulnerability in ajaxfilemanager.php, the attackers can upload and execute arbitrary PHP code via unspecified vectors. Solution Update the plugin...
WordPress Plugin Wp-FileManager 'ajaxfilemanager.php'任意文件上传漏洞
BUGTRAQ ID: 27151 CNCAN ID:CNCAN-2008010813 WordPress Plugin Wp-FileManager是一款基于WordPress的文件管理程序。 WordPress Plugin Wp-FileManager不正确过滤用户提交的URI数据,远程攻击者可以利用漏洞上传任意文件。 问题是由于'ajaxfilemanager.php'脚本对用户提交的WEB参数处理缺少充分过滤,可提交任意文件,导致以WEB权限执行。 Wp-FileManager 1.2 厂商解决方案 --------- 目前没有解决方案提供:...
Wordpress Plugin Wp-FileManager 1.2 Remote Upload Vulnerability
No description provided by source. AUTHOR : H-T TeaM HouSSaMix ToXiC350 HOME : http://no-hack.net Script : Wordpress Plugin Wp-FileManager Download : http://downloads.wordpress.org/plugin/wp-filemanager.1.2.zip...
wpfile-upload.txt
AUTHOR : H-T TeaM HouSSaMix ToXiC350 HOME : http://no-hack.net Script : Wordpress Plugin Wp-FileManager Download : http://downloads.wordpress.org/plugin/wp-filemanager.1.2.zip BUG : Remote File Upload Vulnerability Shell Upload Exploit | 3xpl0it4t10n : This file allowed you to upload directly a P...
WordPress Plugin Wp-FileManager 1.2 - Arbitrary File Upload
AUTHOR : H-T TeaM HouSSaMix ToXiC350 HOME : http://no-hack.net Script : Wordpress Plugin Wp-FileManager Download : http://downloads.wordpress.org/plugin/wp-filemanager.1.2.zip BUG : Remote File Upload Vulnerability Shell Upload Exploit | 3xpl0it4t10n : This file allowed you to upload directly a P...