CVE-2010-1709

The CVE-2010-1709 entry pertains to multiple XSS vulnerabilities in the upload.cgi handler of G5-Scripts Auto-Img-Gallery 1.1. The underlying issue is input handling in the upload.cgi script, allowing an attacker to inject arbitrary web script or HTML via the (1) user and (2) pass parameters. Aff...

CVE-2007-5734

Unrestricted file upload vulnerability in eFileMan 7.1.0.87-88 allows remote attackers to upload arbitrary files, with "uploads/uploadfile." destination filenames, via unspecified vectors to upload.cgi, accessed from upload.html...

CVE-2004-2743

upload.cgi in Mega Upload Progress Bar before 1.45 allows remote attackers to copy or overwrite arbitrary files via unspecified parameters related to names of uploaded files...

CVE-2004-2743

CVE-2004-2743 concerns upload.cgi in Mega Upload Progress Bar before 1.45. It allows remote attackers to copy or overwrite arbitrary files via parameters related to uploaded file names. The NVD entry lists a CVSSv2 base score of 6.4 (Medium), with Network attack vector, Low complexity, and no aut...

CVE-2006-1485

gm-upload.cgi in Greymatter 1.3.1 allows remote authenticated users with upload privileges to execute arbitrary programs by uploading files to locations within the web root. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

GreyMatter gm-upload.cgi Arbitrary File Upload

Binary data 3489.prm...