6 matches found
EUVD-2026-41273
The Database for Contact Form 7, WPforms, Elementor forms plugin for WordPress is vulnerable to Arbitrary File Copy via the createentryel function in versions up to, and including, 1.5.1. The function reads rawvalue from Elementor Pro's FormRecord object for upload-type fields and passes it...
CVE-2021-43304
Heap buffer overflow in ClickHouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopyop, ip, copyend , don't exceed the destination buffer's limits. JFrog...
SPIP < 2.0.9 Arbitrary Copy All Passwords to XML File Remote Exploit
No description provided by source. !/usr/bin/env python SPIP - Content Management System 2.0.9 exploit http://www.securityfocus.com/bid/36008 Author : KernelPanik import urllib, urllib2 import cookielib import sys def sendrequesturlOpener, url, postdata=None: request = urllib2.Requesturl url =...
SPIP < 2.0.9 Arbitrary Copy All Passwords to XML File Remote Exploit
No description provided by source. !/usr/bin/env python SPIP - Content Management System 2.0.9 exploit http://www.securityfocus.com/bid/36008 Author : KernelPanik import urllib, urllib2 import cookielib import sys def sendrequesturlOpener, url, postdata=None: request = urllib2.Requesturl url =...
SPIP 2.0.9 - Arbitrary Copy All Passwords to .XML File
SPIP 2.0.9 - Arbitrary Copy All Passwords to .XML File !/usr/bin/env python SPIP - Content Management System " exit filename = sys.argv2 baseurl = sys.argv1 cookiejar = cookielib.CookieJar urlOpener = urllib2.buildopenerurllib2.HTTPCookieProcessorcookiejar formulaire = sendrequesturlOpener,...
lightneasy-multi.txt
Author: GiReX mySite: girex.altervista.org Date: 14/04/08 CMS: LightNEasy SQLite / no database = 1.2.2 Site: lightneasy.org Advisory: Multiple Remote Vulnerabilities Need: magicquotesgpc = Off magicquotesgpc = On / Off for SQL Injections Bug 1: Remote File Disclosure Affected: SQLite / no databas...