EUVD-2011-3934

Malware in sbrugna...

WordPress AllWebMenus Plugin <= 1.1.9 - Shell Upload

This plugin is prone to PHP shell upload vulnerability. Solution Update the plugin...

AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload

No description provided by source. Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload Version: 1.1.9 Date: 2012-01-19 Author: 6Scan http://6scan.com security team Software Link: http://wordpress.org/extend/plugins/allwebmenus-wordpress-menu-plugin/ Official fix: This advisory ...

Wordpress AllWebMenus Plugin 1.1.3 - Remote File Inclusion

No description provided by source. Exploit Title: Allwebmenus Wordpress Menu Plugin Wordpress plugin RFI Google Dork: inurl:wp-content/plugins/allwebmenus-wordpress-menu-plugin Date: 09/19/2011 Author: Ben Schmidt supernothing AT spareclockcycles.org @supernothing Software Link:...

WordPress AllWebMenus WordPress Menu Plugin 1.1.8 File Upload

File upload vulnerability in WordPress AllWebMenus WordPress Menu Plugin Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

CVE-2012-1011

actions.php in the AllWebMenus plugin 1.1.8 for WordPress allows remote attackers to bypass intended access restrictions to upload and execute arbitrary PHP code by setting the HTTPREFERER to a certain value, then uploading a ZIP file containing a PHP file, then accessing it via a direct request ...

CVE-2012-1010

Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory...

Unrestricted file upload

Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory...

CVE-2012-1010

AllWebMenus WordPress Plugin vulnerability CVE-2012-1010: Unrestricted/arbitrary file upload in actions.php prior to 1.1.8 allows remote attackers to upload a ZIP containing a PHP file and execute code via a direct request to the uploaded file. Affected product: WordPress plugin AllWebMenus (vers...

CVE-2012-1011

The CVE-2012-1011 entry involves actions.php in the AllWebMenus WordPress plugin (version 1.1.8). The vulnerability allows remote attackers to bypass access restrictions to upload and execute arbitrary PHP code by setting HTTP_REFERER to a specific value, uploading a ZIP containing a PHP file, an...

CVE-2012-1010

Unrestricted file upload vulnerability in actions.php in the AllWebMenus plugin before 1.1.8 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a ZIP file containing a PHP file, then accessing it via a direct request to the file in an unspecified directory...

AllWebMenus Shell Upload < 1.1.9 - Shell Upload

The AllWebMenus WordPress Menu Plugin WordPress plugin was affected by a Shell Upload security vulnerability...

WordPress AllWebMenus Shell Upload

Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload Version: Compress it with zip to awm.zip Use this form to upload the php file to the server Version 1.1.8 also checks the source referrer, so you have to use scripting language or spoof it in another way to set the HTTPREFERER...

WordPress Plugin AllWebMenus 1.1.9 Menu Plugin - Arbitrary File Upload

WordPress Plugin AllWebMenus 1.1.9 Menu Plugin - Arbitrary File Upload Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload Version: Compress it with zip to awm.zip Use this form to upload the php file to the server Version 1.1.8 also checks the source referrer, so you have to u...

WordPress AllWebMenus Plugin < 1.1.9 - Arbitrary File Upload

AllWebMenus plugin is prone to a arbitrary file upload vulnerability that occurs because the application fails to adequately clean up user-supplied input. Lack of checks in script actions.php allows an attacker to upload upload any file to the vulnerable server. Other attacks are also possible...

AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary File Upload

Exploit for php platform in category web applications Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload Version: Compress it with zip to awm.zip Use this form to upload the php file to the server Version 1.1.8 also checks the source referrer, so you have to use scripting...

WordPress Plugin AllWebMenus &lt; 1.1.9 Menu Plugin - Arbitrary File Upload

Exploit Title: AllWebMenus WordPress Menu Plugin Arbitrary file upload Version: Compress it with zip to awm.zip Use this form to upload the php file to the server Version 1.1.8 also checks the source referrer, so you have to use scripting language or spoof it in another way to set the HTTPREFERER...

WordPress AllWebMenus Plugin 'abspath' Parameter Remote File Include Vulnerability

The AllWebMenus plug-in for WordPress is prone to a remote file- include vulnerability because it fails to sufficiently sanitize user- supplied input. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respecti...

CVE-2011-3981

PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in actions.php in the Allwebmenus plugin 1.1.3 for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the abspath parameter...