Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-5047

Malware in sbrugna...

5CVSS6.4AI score0.02288EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 4:36 a.m.5 views

CVE-2011-4825

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted...

7.5CVSS7.5AI score0.40905EPSS
Exploits7References1
CNNVD
CNNVD
added 2023/04/25 12:0 a.m.6 views

Contao 路径遍历漏洞

Contao is an open source content management system CMS developed using PHP. The system supports search engines, rights management and CSS frameworks. A path traversal vulnerability exists in Contao versions prior to 4.9.40, 4.13.21, and 5.1.4. An attacker exploiting this vulnerability could list...

6.5CVSS6.6AI score0.00797EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/07/02 12:0 a.m.3 views

elFinder 安全漏洞

elFinder is a set of Drupal-based platform , open source AJAX file manager . The product provides multiple file uploads, image scaling and other features. A security vulnerability exists in ElFinder 2.1.47 and earlier versions, which stems from a command injection vulnerability in the program's P...

5.4AI score
Exploits0References1
seebug.org
seebug.org
added 2014/03/11 12:0 a.m.40 views

Ajax File and Image Manager 'search_folder'参数目录遍历漏洞

Bugtraq ID:66071 Ajax File and Image Manager是一款远程文件和图像管理工具。 Ajax File and Image Manager搜索功能不正确处理"searchfolder"参数数据,允许远程利用漏洞提交目录遍历请求,以WEB权限查看敏感文件信息。 0 Ajax File and Image Manager 目前没有详细解决方案提供: http://www.phpletter.com/...

7.1AI score
Exploits0
0day.today
0day.today
added 2014/03/09 12:0 a.m.49 views

Ajax File Manager Directory Traversal Vulnerability

Exploit for php platform in category web applications Exploit Title: Ajax File Manager DirectoryTraversal Google Dork: inurl: "plugins/ajaxfilemanager" Date: 03/07/2014 Exploit Author: Eduardo Alves edudx9 Vendor Homepage: phpletter.com Software Link: http://phpletter.com/Demo/Ajax-File--Manager/...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2014/03/07 12:0 a.m.13 views

Ajax File Manager - Directory Traversal

Ajax File Manager - Directory Traversal Exploit Title: Ajax File Manager DirectoryTraversal Google Dork: inurl: "plugins/ajaxfilemanager" Date: 03/07/2014 Exploit Author: Eduardo Alves edudx9 Vendor Homepage: phpletter.com Software Link: http://phpletter.com/Demo/Ajax-File--Manager/ Version: app...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2014/03/07 12:0 a.m.68 views

Ajax File Manager - Directory Traversal

Exploit Title: Ajax File Manager DirectoryTraversal Google Dork: inurl: "plugins/ajaxfilemanager" Date: 03/07/2014 Exploit Author: Eduardo Alves edudx9 Vendor Homepage: phpletter.com Software Link: http://phpletter.com/Demo/Ajax-File--Manager/ Version: app version - All Tested on: Windows/Linux...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2013/11/26 12:0 a.m.14 views

phpmyfaq -- arbitrary PHP code execution vulnerability

The phpMyFAQ team reports: Secunia noticed while analysing the advisory that authenticated users with "Right to add attachments" are able to exploit an already publicly known issue in the bundled Ajax File Manager of phpMyFAQ version 2.8.3, which leads to arbitrary PHP code execution for...

4.3AI score
Exploits0References2
Positive Technologies
Positive Technologies
added 2013/06/20 12:0 a.m.5 views

PT-2013-41: Arbitrary Code Execution in Ajax File and Image Manager

The specialists of the Positive Research center have detected "Arbitrary Code Execution" vulnerability in Ajax File and Image Manager. Due to incorrect application architecture, validation of file extension is implemented after uploading file. Uploaded file will subsequently be removed if its...

10CVSS7.8AI score
Exploits0References3
Packet Storm
Packet Storm
added 2013/04/29 12:0 a.m.36 views

TinyMCE Ajax File Manager Remote Code Execution

/ | / \ / / \ / /\ \ / / \ | \ / \ \ | | | | /\ /\ / /|| /\ | | || \ \ / / / / / Exploit Title : timynce Ajax File Manager Remote Code Author : By onestree Software Link : http://www.phpletter.com/Demo/Tinymce-Ajax-File-Manager/ tested : windows 7 Dork : inurl:"/plugins/filemanager/" or...

0.2AI score
Exploits0
0day.today
0day.today
added 2013/02/16 12:0 a.m.43 views

Ajax File Manager Remote Code Execution Exploit

Ajax File Manager is vulnable to execute abitrary php code injection, and not solution from the vendor. This is private exploit. You can buy it at https://0day.today...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2012/11/22 12:0 a.m.54 views

WordPress Zingiri Web Shop 2.5.0 Shell Upload

|| | || || | | | | 0 | In the name of GOD | -|- | | | ||||| Exploit Title: Wordpress Zingiri-web-shop 2.5.0 Plugin | Arbitrary File Upload Vulnerability | Version: 2.5.0 Software Link: www.zingiri.com/plugins-and-addons/web-shop/ Google Dork: inurl:"/wp-content/plugins/zingiri-web-shop/" Exploit...

7.4AI score
Exploits0
NVD
NVD
added 2012/08/31 9:55 p.m.18 views

CVE-2011-5147

Static code injection vulnerability in ajaxsavename.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajaxfilecut.php and then to...

5CVSS7.2AI score0.02288EPSS
Exploits0References3
Prion
Prion
added 2012/08/31 9:55 p.m.15 views

Code injection

Static code injection vulnerability in ajaxsavename.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajaxfilecut.php and then to...

5CVSS7.8AI score0.02288EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2012/08/31 9:55 p.m.4 views

CVE-2011-5147

Static code injection vulnerability in ajaxsavename.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajaxfilecut.php and then to...

5CVSS6AI score0.02288EPSS
Exploits0References4
Cvelist
Cvelist
added 2012/08/31 9:0 p.m.26 views

CVE-2011-5147

Static code injection vulnerability in ajaxsavename.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajaxfilecut.php and then to...

7.2AI score0.02288EPSS
Exploits0References3
CVE
CVE
added 2012/08/31 9:0 p.m.48 views

CVE-2011-5147

CVE-2011-5147 affects FreeWebshop 2.2.9 R2 and earlier, specifically the Ajax File Manager module (tinymce plugin). The vulnerability is a static code injection in ajax_save_name.php that lets remote attackers inject arbitrary PHP into data.php via a selected document, shown by a sequence involvi...

5CVSS7.5AI score0.02288EPSS
Exploits0References3Affected Software1
0day.today
0day.today
added 2012/06/03 12:0 a.m.28 views

Log1 CMS writeInfo() PHP Code Injection

Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

7.1AI score0.40905EPSS
Exploits7
UbuntuCve
UbuntuCve
added 2011/12/15 3:57 a.m.25 views

CVE-2011-4825

Static code injection vulnerability in inc/function.base.php in Ajax File and Image Manager before 1.1, as used in tinymce before 1.4.2, phpMyFAQ 2.6 before 2.6.19 and 2.7 before 2.7.1, and possibly other products, allows remote attackers to inject arbitrary PHP code into data.php via crafted...

7.5CVSS6AI score0.40905EPSS
Exploits7References1
Rows per page
Query Builder