CVE-2020-36973

PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated users to upload and rename webshell files to arbitrary web server locations. Attackers can upload a .txt webshell, rename it to .php, and move it to accessible directories using double-encoded path...

CVE-2020-36973 PDW File Browser 1.3 - Remote Code Execution

PDW File Browser 1.3 contains a remote code execution vulnerability that allows authenticated users to upload and rename webshell files to arbitrary web server locations. Attackers can upload a .txt webshell, rename it to .php, and move it to accessible directories using double-encoded path...

CVE-2020-36973

PDW File Browser 1.3 is affected by a remote code execution vulnerability that lets authenticated users upload and rename webshell files to arbitrary web server locations. An attacker can upload a .txt webshell, rename it to .php, and move it into accessible directories using double-encoded path ...

CVE-2020-36988 PDW File Browser <= v1.3 - Cross-Site Scripting (XSS)

PDW File Browser version 1.3 contains stored and reflected cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through file rename and path parameters. Attackers can craft malicious URLs or rename files with XSS payloads to execute arbitrary...

CVE-2020-36988 PDW File Browser <= v1.3 - Cross-Site Scripting (XSS)

PDW File Browser version 1.3 contains stored and reflected cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through file rename and path parameters. Attackers can craft malicious URLs or rename files with XSS payloads to execute arbitrary...

CVE-2020-36988

PDW File Browser version 1.3 contains stored and reflected cross-site scripting vulnerabilities that allow authenticated attackers to inject malicious scripts through file rename and path parameters. Attackers can craft malicious URLs or rename files with XSS payloads to execute arbitrary...

CVE-2020-36988

PDW File Browser

PDW-File-Browser security vulnerability

PDW-File-Browser is a file browser developed by Michal Charemza. Version 1.3 of PDW-File-Browser has a security vulnerability; this vulnerability stems from the ability to upload and rename webshell files, which may lead to remote code execution...

PDW File Browser 1.3 - Remote Code Execution

Exploit Title: PDW File Browser 1.3 - Remote Code Execution Date: 24-10-2020 Exploit Author: David Bimmel Researchers: David Bimmel, Joost Vondeling, Ramòn Janssen Vendor Homepage: n/a Software Link: https://github.com/GuidoNeele/PDW-File-Browser Version: … ? Once you have uploaded your webshell...

PDW File Browser 1.3 - &#039;new_filename&#039; Cross-Site Scripting (XSS)

Exploit Title: PDW File Browser . The payload gets executed when any authenticated user navigates to the PDW File browser page. POST /ckeditor/plugins/pdwfilebrowser/actions.php HTTP/1.1 Host: … action=rename&newfilename=&oldfilename=script%253EFILE.txt&folder=%252Fmedia%252F&typ e=file Reflected...

WordPress Pdw File Browser Plugin - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

WordPress Pdw File Browser Plugin - Cross Site Scripting

Because of this vulnerability, the attackers can inject arbitrary JavaScript or HTML code. Solution Update the plugin...

WordPress PDW File Browser Plugin <= 0.9.4.1 - Bypass

This plugin is prone to an upload.php arbitrary file upload vulnerability. Solution Update plugin...

WordPress PDW File Browser Plugin <= 0.9.4.1 - Bypass

This plugin is prone to an upload.php arbitrary file upload vulnerability. Solution Update plugin...

PDW File Browser - upload.php Arbitrary File Upload

The pdw-file-browser WordPress plugin was affected by an upload.php Arbitrary File Upload security vulnerability...

WordPress PDW File Browser 1.1 Shell Upload

Description : Wordpress Plugins - PDW File Browser Arbitrary File Upload Vulnerability Version : 1.1 Link : http://wordpress.org/extend/plugins/pdw-file-browser/ Plugins : http://downloads.wordpress.org/plugin/pdw-file-browser.zip Date : 30-05-2012 Google Dork :...

Wordpress Plugins PDW File Browser Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Description : Wordpress Plugins - PDW File Browser Arbitrary File Upload Vulnerability Version : 1.1 Link : http://wordpress.org/extend/plugins/pdw-file-browser/ Plugins : http://downloads.wordpress.org/plugin/pdw-file-browser.zip Google Dork ...