CVE-2011-5147

Static code injection vulnerability in ajaxsavename.php in the Ajax File Manager module in the tinymce plugin in FreeWebshop 2.2.9 R2 and earlier allows remote attackers to inject arbitrary PHP code into data.php via the selected document, as demonstrated by a call to ajaxfilecut.php and then to...

Log1 CMS 2.0 - Multiple Vulnerabilities

No description provided by source. +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email :...

FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution

No description provided by source. ?php / -------------------------------------------------------------------------- FreeWebshop = 2.2.9 R2 ajaxsavename.php Remote Code Execution Exploit -------------------------------------------------------------------------- author.............: Egidio Romano...

FreeWebshop &lt;= 2.2.9 R2 &#40;ajax_save_name.php&#41; Remote Code Execution Vulnerability

FreeWebshop = 2.2.9 R2 ajaxsavename.php Remote Code Execution Vulnerability author...............: Egidio Romano aka EgiX mail.................: n0b0d13satgmaildotcom software link........: http://www.freewebshop.org/ affected versions....: from 0.9.12 to 2.2.3 - vulnerable code in...

FreeWebshop 'ajax_save_name.php' RCE Vulnerability

FreeWebshop is prone to a remote code execution RCE vulnerability because the application fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

FreeWebShop 2.2.9 R2 - ajax_save_name.php Remote Code Execution

FreeWebShop 2.2.9 R2 - ajaxsavename.php Remote Code Execution get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key = $POST'value'; 46...

FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution

Exploit for php platform in category web applications get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key = $POST'value';...

Log1 CMS 2.0 Multiple Vulnerabilities

Exploit for php platform in category web applications +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Emai...