231 matches found
CVE-2018-6526
view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php...
CVE-2017-17715
The saveFile method in MediaController.java in the Telegram Messenger application before 2017-12-08 for Android allows directory traversal via a pathname obtained in a file-transfer request from a remote peer, as demonstrated by writing to tgnet.dat or tgnet.dat.bak...
CVE-2014-8491
The Grand Flagallery plugin before 4.25 for WordPress allows remote attackers to obtain the installation path via a request to (1) flagallery-skins/bannerwidgetdefault/gallery.php or (2) flash-album-gallery/skins/bannerwidgetdefault/gallery.php...
Upload and Execute
Push a file and execute it. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Upload and Execute', 'Description' = %qPush a file and execute it., 'Author' = 'egypt', 'License' = MSFLICENSE,...
WordPress Group Documents Plugin <= 1.2.1 - Remote Path Traversal
This plugin is prone to a bp-group-documents-settings.php file parameter remote path traversal file location manipulation vulnerability. Solution: Upgrade the plugin...
Album Streamer 2.0 iOS - Directory Traversal
Album Streamer 2.0 iOS - Directory Traversal Document Title: =============== Album Streamer v2.0 iOS - Directory Traversal Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1481 Release Date: ============= 2015-05-07 Vulnerability Laboratory ...
CVE-2015-2209
DLGuard 4.5 allows remote attackers to obtain the installation path via the c parameter to index.php...
CVE-2014-9177
The CVE-2014-9177 entry concerns the WordPress plugin “HTML5 MP3 Player with Playlist Free” (before version 2.7). The vulnerability is a path-disclosure flaw where an attacker can obtain the WordPress installation path via a request to html5plus/playlist.php. Impact is limited to information disc...
Tera Charts 0.1 - charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure
The tera-charts WordPress plugin was affected by a charts/zoomabletreemap.php fn Parameter Remote Path Traversal File Disclosure security vulnerability...
AdminOnline - download.php file Parameter Remote Path Traversal File Access
The adminonline WordPress plugin was affected by a download.php file Parameter Remote Path Traversal File Access security vulnerability...
LayerSlider 4.6.1 - Remote Path Traversal File Access
The LayerSlider WordPress plugin was affected by a Remote Path Traversal File Access security vulnerability...
Group Documents 1.2.1 - bp-group-documents-settings.php file Parameter Remote Path Traversal File Location Manipulation
The BP Group Documents WordPress plugin was affected by a bp-group-documents-settings.php file Parameter Remote Path Traversal File Location Manipulation security vulnerability...
Tera Charts 0.1 - Unauthenticated Remote Path Traversal File Disclosure
The tera-charts WordPress plugin was affected by an Unauthenticated Remote Path Traversal File Disclosure security vulnerability. PoC: http://www.example.com/wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../wp-config.php...
Tera Charts 0.1 - Unauthenticated Remote Path Traversal File Disclosure
The tera-charts WordPress plugin was affected by an Unauthenticated Remote Path Traversal File Disclosure security vulnerability. http://www.example.com/wp-content/plugins/tera-charts/charts/treemap.php?fn=../../../../wp-config.php...
WordPress LayerSlider Plugin <= 4.6.1 - Remote Path Traversal File Access
This plugin is prone to a remote path traversal file access. It allows arbitrary code execution. Solution: Update the plugin...
CVE-2014-5107
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to (1) system/basics/editor.php, (2) system/view.php, (3) system/environment/filestoragelocations.php, (4) system/mail/importers.php, (5) system/mail/method.php, (6) system/permissions/filetypes.php, (7)...
Joomla 1.5.12 connect back exploit
No description provided by source. !/usr/bin/php ?php / Copyright c ITIX LTD This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or at your option a...
Better Basket Pro 3.0 Store Builder Remote Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8386/info It has been reported that Better Basket Pro BBPro Store Builder may reveal path information under some circumstances. This may result in a directed attack against system resources...
TOPO 1.41 Remote Path Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6768/info It has been reported that TOPo may return information to users that is sensitive in nature. Under some circumstances, it is possible to produce an error message that reveals information about web directory...
Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit
No description provided by source. ?xml version=1.0? html xmlns=http://www.w3.org/1999/xhtml headtitleFile Upload POC/title/head body h2 Backup Exec System Recovery Manager 7.0brFile Upload POC/h2 form action=https://TARGET:8443/axis/FileUpload method=post enctype=multipart/form-data Remote Path:...