92 matches found
Simple Image Gallery (free) 3.5.0 and previous, XSS
Simple Image Gallery Freed by Joomlaworks, version 3.5.0 and previous, XSS Resolution: update to 3.6.0 Update notice: https://www.joomlaworks.net/blog/item/269-simple-image-gallery-free-v3-6-0-released-featuring-enhanced-print-previews-fixing-xss-vulnerability-related-to-print-page-output Note th...
Wordpress simple-image-manipulator plugin remote file download vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language. simple-image-manipulator is one of the image manipulator plugin. A remote file download vulnerability exists in Wordpress simple-image-manipulator plugin v1.0, which can be exploited by...
Remote file inclusion
Remote file download in simple-image-manipulator v1.0 wordpress plugin...
CVE-2015-1000010
Remote file download in simple-image-manipulator v1.0 wordpress plugin...
simple-image-manipulator <= 1.0 - Remote File Download
Plugin is still affected and has been closed. In ./simple-image-manipulator/controller/download.php no checks are made to authenticate the user or sanitize input when determining file location. $ curl...
Joomla Simple Image Upload 1.0 Shell Upload
Exploit Title: Joomla Simple Image Upload - Arbitrary File Upload Google Dork: inurl:option=comsimpleimageupload Date: 23.06.2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: http://tuts4you.de/ Software Link: http://tuts4you.de/96-development/156-simpleimageupload Version: 1.0 Tested...
Joomla! Component com_simpleimageupload - Arbitrary File Upload
Exploit Title: Joomla Simple Image Upload - Arbitrary File Upload Google Dork: inurl:option=comsimpleimageupload Date: 23.06.2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: http://tuts4you.de/ Software Link: http://tuts4you.de/96-development/156-simpleimageupload Version: 1.0 Tested...
Joomla! Component com_simpleimageupload - Arbitrary File Upload
Joomla! Component comsimpleimageupload - Arbitrary File Upload Exploit Title: Joomla Simple Image Upload - Arbitrary File Upload Google Dork: inurl:option=comsimpleimageupload Date: 23.06.2015 Exploit Author: CrashBandicot @DosPerl Vendor Homepage: http://tuts4you.de/ Software Link:...
Simple Image Hosting script Arbitrary File Upload
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
CVE-2005-4672
The CVE-2005-4672 entry describes a cross-site scripting (XSS) flaw in CityPost Simple Image-Editor 0.52, specifically in image-editor-52/index.php. The vulnerability allows remote attackers to inject arbitrary web script or HTML via one of five parameters: m1, m2, m3, imgsrc, or m4. The affected...
CVE-2005-4672
Cross-site scripting XSS vulnerability in image-editor-52/index.php in CityPost Simple Image-Editor 0.52 allows remote attackers to inject arbitrary web script or HTML via the 1 m1, 2 m2, 3 m3, 4 imgsrc, and 5 m4 parameter...
citypostXSS.txt
sNKenjoi's Security Advisory: XSS Vunerabilities in Multiple CityPost Software Security Advisory: XSS Vunerabilities in Multiple CityPost Software Severity: Medium Title: XSS Vunerabilities in Simple PHP Upload, Simple Image Editor and Automated Link Exchange Vendor: Allen Kim Vendor Website:...