CCOM Events CMS 0.1.02 Arbitrary File Upload

==================================================================================================================================== | Title : CCOM Events CMS v0.1.02 upload Vulnerability | | Author : indoushka | | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 66.0.264-bit | |...

Unrestricted file upload

Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file...

Open-Letters 1.0.5 /external_scripts/tinymce/plugins/ajaxfilemanager/ajax_create_folder.php 代码执行漏洞

No description provided by source...

Open-Letters - Remote PHP Code Injection

/ errorreporting0; settimelimit0; iniset"defaultsockettimeout", 5; function httpsend$host, $packet if !$sock = fsockopen$host, 80 die "\n- No response from $host:80\n"; fwrite$sock, $packet; return streamgetcontents$sock; print "+ Author: TUNISIAN CYBER\n"; print "+ Script coded BY: Egidio Romano...

Portili Personal and Team Wiki <= 1.14 - Multiple Vulnerabilities

No description provided by source. Abysssec Inc Public Advisory Title : Portili Personal and Team Wiki Multiple Remote Vulnerabilities Affected Version : Portili Personal and Team Wik = 1.14 Vendor Site : www.Portili.com Discovery : www.Abysssec.com Vendor Contact : 10/4/2009 Vendor Response :...

Wordpress Plugin Wp-FileManager 1.2 - Remote Upload Vulnerability

No description provided by source. AUTHOR : H-T TeaM HouSSaMix ToXiC350 HOME : http://no-hack.net Script : Wordpress Plugin Wp-FileManager Download : http://downloads.wordpress.org/plugin/wp-filemanager.1.2.zip BUG : Remote File Upload Vulnerability Shell Upload Exploit | 3xpl0it4t10n : This file...

Log1 CMS 2.0 - Multiple Vulnerabilities

No description provided by source. +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email :...

aidiCMS 3.55 - (ajax_create_folder.php) Remote Code Execution

No description provided by source. ?php / -------------------------------------------------------------------- aidiCMS v3.55 ajaxcreatefolder.php Remote Code Execution Exploit -------------------------------------------------------------------- author............: Egidio Romano aka EgiX...

WordPress Plugin Zarzadzonie Kontem - &#039;ajaxfilemanager.php&#039; Script Arbitrary File Upload

source: https://www.securityfocus.com/bid/56663/info The Zarzadzonie Kontem plugin for WordPress is prone to an arbitrary file-upload vulnerability because it fails to adequately validate files before uploading them. An attacker may leverage this issue to upload arbitrary files to the affected...

e107 Hupsi Media Gallery 1.0 Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Log1 CMS writeInfo() PHP Code Injection

This module exploits the "Ajax File and Image Manager" component that can be found in log1 CMS. In function.base.php of this component, the 'data' parameter in writeInfo allows any malicious user to have direct control of writing data to file data.php, which results in arbitrary remote code...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Prestashop before 1.5 allow remote attackers to inject arbitrary web script or HTML via the 1 address or 2 relativbasedir parameter to modules/mondialrelay/googlemap.php; the 3 relativbasedir, 4 Pays, 5 Ville, 6 CP, 7 Poids, 8 Action, or 9 num...

Manx 1.0.1 Cross Site Scripting

Manx cms.xml 1.0.1 ajaxgetfilelisting.php Multiple XSS Vulnerabilities Vendor: Paul Jova Product web page: http://manx.jovascript.com Affected version: 1.0.1 Summary: Manx is a Content Management System that uses xml text files to store the page contents, instead of a mysql database. Desc: Input...

Wordpress Zingiri Plugin &lt;= 2.2.3 (ajax_save_name.php) Remote Code Execution

No description provided by source. ?php / ------------------------------------------------------------------------ Wordpress Zingiri Web Shop Plugin = 2.2.3 Remote Code Execution Exploit ------------------------------------------------------------------------ author...............: Egidio Romano...

WordPress Plugin Zingiri 2.2.3 - &#039;ajax_save_name.php&#039; Remote Code Execution

get; 41. ifremoveTrailingSlash$sessionAction-getFolder == getParentPath$POST'id' && sizeof$selectedDocuments 42. 43. if$key = arraysearchbasename$POST'id', $selectedDocuments !== false 44. 45. $selectedDocuments$key =...

ZenPhoto 1.4.1.4 - ajax_create_folder.php Remote Code Execution

ZenPhoto 1.4.1.4 - ajaxcreatefolder.php Remote Code Execution ?php / -------------------------------------------------------------------------- Zenphoto = 1.4.1.4 ajaxcreatefolder.php Remote Code Execution Exploit --------------------------------------------------------------------------...

aidiCMS 3.55 - &#039;ajax_create_folder.php&#039; Remote Code Execution

?php / -------------------------------------------------------------------- aidiCMS v3.55 ajaxcreatefolder.php Remote Code Execution Exploit -------------------------------------------------------------------- author............: Egidio Romano aka EgiX mail..............: n0b0d13satgmaildotcom...

TinyMCE AjaxFileManager Shell Upload

Title : TinyMCE ajaxfilemanager Upload Vulnerability Author: Dr Trojan Greets to all my friends and everyone i know www.paksecteam.com Vendor: http://www.phpletter.com/Demo/Tinymce-Ajax-File-Manager/ Email : [email protected] Date : 29/05/2011 Dork : "tinymce/plugins/ajaxfilemanager" Category :...

Log1 CMS 2.0 Multiple Vulnerabilities

Exploit for php platform in category web applications +---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Emai...

Log1 CMS File Modification / Download

+---------------------------------------+ | Log1 CMS 2.0 Multiple Vulnerabilities | +---------------------------------------+ Vulnerable Web-App : Log1 CMS 2.0 Vulnerability : Multiple Vulnerabilities. Author : Aodrulez. Atul Alex Cherian Email : [email protected] Google-Dork : "POWERED BY LOG...