Lucene search

5294 matches found

securityvulns
added 2015/05/11 12:0 a.m. | 34 views

Remote File Upload Vulnerability in WordPress Ultimate Product Catalogue Plugin

Product Description: ------------------- Ultimate Product Catalog plugin is designed to help WordPress sites administrators display products quickly and easily in an attractive and customizable layout, making your catalogue easy to browse, sort and update with categories, sub-categories, and tags...

AI score 1.1
Exploits: 0
OwnCloud
added 2015/03/25 6:44 p.m. | 57 views

Bypass of file blacklist - ownCloud

A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud versions, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could leverage this bypass by uploading a .htaccess and execute...

CVSS 6 | AI score 6.9 | EPSS 0.01339
Exploits: 0 | Affected Software: 1
OwnCloud
added 2015/03/25 6:44 p.m. | 42 views

Bypass of file blacklist on Microsoft Windows Platform - ownCloud

A blacklist bypass vulnerability including UTF-8 encoding in file paths in the mentioned ownCloud Server versions, when running on a Microsoft Windows Platform, allows authenticated remote attackers to bypass the file blacklist and upload files such as the .htaccess files. An attacker could...

CVSS 6 | AI score 6.8 | EPSS 0.01339
Exploits: 0 | Affected Software: 1
OpenVAS
added 2015/03/25 12:0 a.m. | 12 views

IT-Grundschutz M4.094: Protection of Web Server Files

IT-Grundschutz M4.094: Protection of Web Server Files. Status: 14th supplementary delivery (14. EL). OpenVAS Vulnerability Test $Id: GSHBM4094.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Measure 4.094 Authors: Thomas Rotter Copyright: Copyright c 2015 Greenbone Networks GmbH,...

Exploits: 0 | References: 1
OpenVAS
added 2015/03/25 12:0 a.m. | 24 views

IT-Grundschutz M4.094: Protection of Web Server Files

IT-Grundschutz M4.094: Protection of Web Server Files. Status: 14th supplementary delivery (14. EL). Copyright C 2015 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License ...

AI score 7.3
Exploits: 0 | References: 1
0day.today
added 2015/03/20 12:0 a.m. | 30 views

Oracle NoSQL 11g 1.1.100 R2 - 'log' Parameter Directory Traversal Vulnerability

Exploit for java platform in category web applications source: http://www.securityfocus.com/bid/50567/info Oracle NoSQL is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain...

AI score 7.1
Exploits: 0
securityvulns
added 2015/02/11 12:0 a.m. | 97 views

Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072)

Cookie hijacking: Internet Explorer UXSS CVE-2015-0072 Host below files on webserver attacker.com and share the exploit link with victims, exploit.php --- exploit link Share with victim redirect.php --- Script to redirect on target page target page should not contain X-Frame-Options or it will fa...

CVSS 4.3 | AI score 5.8 | EPSS 0.71698
Exploits: 5
Packet Storm
added 2015/02/09 12:0 a.m. | 45 views

Microsoft Internet Explorer Universal XSS Proof Of Concept

Cookie hijacking: Internet Explorer UXSS CVE-2015-0072 Host below files on webserver attacker.com and share the exploit link with victims, exploit.php --- exploit link Share with victim redirect.php --- Script to redirect on target page target page should not contain X-Frame-Options or it will fa...

CVSS 4.3 | AI score 0.1 | EPSS 0.71698
Exploits: 5
exploitpack
added 2015/01/04 5:42 p.m. | 8 views

MinaliC-Webserver-2.0.0

Exploit Title: MinaliC Webserver buffer overflow Date: 12 Apr 2013 Exploit Author: superkojiman - http://www.techorganic.com Vendor Homepage: http://minalic.sourceforge.net/ Version: MinaliC Webserver 2.0.0 import socket import struct 74 bytes calc.exe from...

AI score 0.4
Exploits: 0
exploitpack
added 2015/01/04 4:43 p.m. | 13 views

Kolibri-WebServer-2.0-GET

Exploit Title : Kolibri WebServer 2.0 Get Request SEH Exploit Exploit Author : Revin Hadi S Date : 14/07/2014 Vendor : http://www.senkas.com Version : 2.0 import socket, sys help = """Kolibri WebServer 2.0 Get Request SEH Exploit Target 1Windows XP SP2 Eng & Windows 2003 SP2 Eng 2Windows 7 SP1 En...

AI score 0.3
Exploits: 0
Exploit DB
added 2014/12/27 12:0 a.m. | 28 views

Easy File Sharing Web Server 6.8 - Persistent Cross-Site Scripting

Exploit Title: Easy File Sharing Webserver =6.8 Persistent XSS Date: 12/26/14 Exploit Author: SickPsycko Vendor Homepage: http://www.sharing-file.com/ Version:6.8 Tested on: Windows 7 32bit The exploit is within the username field. So to exploit this vulnerability, One must place the payload into...

AI score 7.4
Exploits: 0
ThreatPost
added 2014/12/18 12:23 p.m. | 8 views

Misfortune Cookie Home Router Vulnerability Discovered

More than 12 million devices running an embedded webserver called RomPager are vulnerable to a simple attack that could give a hacker man-in-the-middle position on traffic going to and from home routers from just about every leading manufacturer. Mostly ISP-owned residential gateways manufactured...

AI score 7.4
Exploits: 0 | References: 4
FreeBSD
added 2014/12/03 12:0 a.m. | 48 views

phpMyAdmin -- XSS and DoS vulnerabilities

The phpMyAdmin development team reports: DoS vulnerability with long passwords. With very long passwords it was possible to initiate a denial of service attack on phpMyAdmin. We consider this vulnerability to be serious. This vulnerability can be mitigated by configuring throttling in the...

CVSS 5 | AI score 8.5 | EPSS 0.11055
Exploits: 4 | References: 2
exploitpack
added 2014/12/02 12:0 a.m. | 45 views

tnftp (FreeBSD 8910) - tnftp Client Side

tnftp FreeBSD 8910 - tnftp Client Side !/usr/bin/env python2 Exploit Title: tnftp BSD exploit Date: 11/29/2014 Exploit Author: dash Vendor Homepage: www.freebsd.org Version: FreeBSD 8/9/10 Tested on: FreeBSD 9.3 CVE : CVE-2014-8517 tnftp exploit CVE-2014-8517tested against freebsd 9.3...

CVSS 7.5 | AI score 3.7 | EPSS 0.69905
Exploits: 8
0day.today
added 2014/12/02 12:0 a.m. | 49 views

TYPO3 Extension ke_questionnaire 2.5.2 Information Disclosure Vulnerability

The TYPO3 extension kequestionnaire stores answered questionnaires in a publicly reachable directory on the webserver with filenames that are easily guessable. Version 2.5.2 is affected. Information Disclosure in TYPO3 Extension kequestionnaire The TYPO3 extension kequestionnaire stores answered...

CVSS 5 | AI score 6.4 | EPSS 0.0148
Exploits: 3
Exploit DB
added 2014/12/02 12:0 a.m. | 93 views

TYPO3 Extension ke DomPDF - Remote Code Execution

Advisory: Remote Code Execution in TYPO3 Extension kedompdf During a penetration test RedTeam Pentesting discovered a remote code execution vulnerability in the TYPO3 extension kedompdf, which allows attackers to execute arbitrary PHP commands in the context of the webserver. Details =======...

CVSS 7.5 | AI score 6.5 | EPSS 0.05573
Exploits: 4
Exploit DB
added 2014/12/02 12:0 a.m. | 57 views

tnftp (FreeBSD 8/9/10) - 'tnftp' Client Side

!/usr/bin/env python2 Exploit Title: tnftp BSD exploit Date: 11/29/2014 Exploit Author: dash Vendor Homepage: www.freebsd.org Version: FreeBSD 8/9/10 Tested on: FreeBSD 9.3 CVE : CVE-2014-8517 tnftp exploit CVE-2014-8517tested against freebsd 9.3...

CVSS 7.5 | AI score 3.7 | EPSS 0.69905
Exploits: 8
Packet Storm
added 2014/12/01 12:0 a.m. | 56 views

TYPO3 Extension ke_dompdf 0.0.3 Remote Code Execution

Advisory: Remote Code Execution in TYPO3 Extension kedompdf During a penetration test RedTeam Pentesting discovered a remote code execution vulnerability in the TYPO3 extension kedompdf, which allows attackers to execute arbitrary PHP commands in the context of the webserver. Details =======...

CVSS 7.5 | AI score 0.1 | EPSS 0.05573
Exploits: 4
securityvulns
added 2014/12/01 12:0 a.m. | 38 views

[CORE-2014-0009] - Advantech EKI-6340 Command Injection

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Advantech EKI-6340 Command Injection 1. Advisory Information Title: Advantech EKI-6340 Command Injection Advisory ID: CORE-2014-0009 Advisory URL: http://www.coresecurity.com/advisories/advantech-eki-6340-command-injection Date...

CVSS 9 | AI score 0.2 | EPSS 0.23813
Exploits: 5
exploitpack
added 2014/11/24 12:0 a.m. | 49 views

Advantech EKI-6340 - Command Injection

Advantech EKI-6340 - Command Injection Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Advantech EKI-6340 Command Injection 1. Advisory Information Title: Advantech EKI-6340 Command Injection Advisory ID: CORE-2014-0009 Advisory URL:...

CVSS 9 | AI score 0.7 | EPSS 0.23813
Exploits: 5