Lucene search
K

92 matches found

Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/01/29 12:0 a.m.21 views

Simple Image Gallery (free) 3.5.0 and previous, XSS

Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...

1.5AI score
Exploits0References3Affected Software1
CNVD
CNVD
added 2016/10/20 12:0 a.m.2 views

Wordpress simple-image-manipulator plugin remote file download vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. simple-image-manipulator is one of the image manipulator plugin. A remote file download vulnerability exists in Wordpress simple-image-manipulator plugin v1.0, which can be exploited by...

7.5CVSS7AI score0.07038EPSS
Exploits2References1
Prion
Prion
added 2016/10/06 2:59 p.m.12 views

Remote file inclusion

Remote file download in simple-image-manipulator v1.0 wordpress plugin...

5CVSS7.2AI score0.07038EPSS
Exploits2References2Affected Software1
Cvelist
Cvelist
added 2016/10/06 2:0 p.m.25 views

CVE-2015-1000010

Remote file download in simple-image-manipulator v1.0 wordpress plugin...

7.7AI score0.07038EPSS
Exploits2References2
wpexploit
wpexploit
added 2015/08/02 12:0 a.m.23 views

simple-image-manipulator <= 1.0 - Remote File Download

Plugin is still affected and has been closed. In ./simple-image-manipulator/controller/download.php no checks are made to authenticate the user or sanitize input when determining file location. $ curl...

5CVSS1.6AI score0.07038EPSS
Exploits2References2
Packet Storm
Packet Storm
added 2015/06/25 12:0 a.m.38 views

Joomla Simple Image Upload 1.0 Shell Upload

Exploit Title: Joomla Simple Image Upload - Arbitrary File Upload Google Dork: inurl:option=comsimpleimageupload Date: 23.06.2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: http://tuts4you.de/ Software Link: http://tuts4you.de/96-development/156-simpleimageupload Version: 1.0 Tested...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2015/06/24 12:0 a.m.24 views

Joomla! Component com_simpleimageupload - Arbitrary File Upload

Exploit Title: Joomla Simple Image Upload - Arbitrary File Upload Google Dork: inurl:option=comsimpleimageupload Date: 23.06.2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: http://tuts4you.de/ Software Link: http://tuts4you.de/96-development/156-simpleimageupload Version: 1.0 Tested...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2015/06/24 12:0 a.m.18 views

Joomla! Component com_simpleimageupload - Arbitrary File Upload

Joomla! Component comsimpleimageupload - Arbitrary File Upload Exploit Title: Joomla Simple Image Upload - Arbitrary File Upload Google Dork: inurl:option=comsimpleimageupload Date: 23.06.2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: http://tuts4you.de/ Software Link:...

0.4AI score
Exploits0
0day.today
0day.today
added 2012/04/05 12:0 a.m.14 views

Simple Image Hosting script Arbitrary File Upload

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
CVE
CVE
added 2006/01/27 11:0 p.m.38 views

CVE-2005-4672

The CVE-2005-4672 entry describes a cross-site scripting (XSS) flaw in CityPost Simple Image-Editor 0.52, specifically in image-editor-52/index.php. The vulnerability allows remote attackers to inject arbitrary web script or HTML via one of five parameters: m1, m2, m3, imgsrc, or m4. The affected...

4.3CVSS6AI score0.01226EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2005/12/31 5:0 a.m.14 views

CVE-2005-4672

Cross-site scripting XSS vulnerability in image-editor-52/index.php in CityPost Simple Image-Editor 0.52 allows remote attackers to inject arbitrary web script or HTML via the 1 m1, 2 m2, 3 m3, 4 imgsrc, and 5 m4 parameter...

4.3CVSS5.7AI score0.01226EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2005/05/30 12:0 a.m.31 views

citypostXSS.txt

sNKenjoi's Security Advisory: XSS Vunerabilities in Multiple CityPost Software Security Advisory: XSS Vunerabilities in Multiple CityPost Software Severity: Medium Title: XSS Vunerabilities in Simple PHP Upload, Simple Image Editor and Automated Link Exchange Vendor: Allen Kim Vendor Website:...

7.4AI score
Exploits0
Rows per page
Query Builder