1622 matches found
CMS Bolt File Upload Vulnerability
Bolt CMS contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This module was tested on version 2.2.4. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CMS...
AjaxPortal di.php File Inclusion (CVE-2009-2262)
A remote file inclusion vulnerability has been reported in AjaxPortal. The vulnerability is caused by improper handling of a crafted URL using the "pathtoserverdata" parameter. Successful exploitation lets a remote attacker execute arbitrary PHP code...
Netsweeper 4.0.9 - Multiple Vulnerabilities
Exploit for php platform in category web applications. Netsweeper 4.0.9 - Multiple Vulnerabilities. Netsweeper 4.0.9 - Arbitrary File Upload and Execution. Affected Product:...
FreeBSD : pivotx -- Multiple unrestricted file upload vulnerabilities (7313b0e3-27b4-11e5-a15a-50af736ef1c0)
PivotX reports: Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php extension, and then accessing it via unspecified vectors.
SQL injection
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
CVE-2015-2308
Eval injection vulnerability in the HttpCache class in HttpKernel in Symfony 2.x before 2.3.27, 2.4.x and 2.5.x before 2.5.11, and 2.6.x before 2.6.6 allows remote attackers to execute arbitrary PHP code via a language="php" attribute of a SCRIPT element...
CVE-2015-4726
PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config['basedir'] parameter...
Remote file inclusion
PHP remote file inclusion vulnerability in ajax/myajaxphp.php in AudioShare 2.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the config['basedir'] parameter...
Code injection
Static code injection vulnerability in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users to inject arbitrary PHP code into the language files via a Translation LMFRONT field for a language, as demonstrated by language/italian.php...
WordPress RevSlider File Upload and Execute Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress ThemePunch Revolution Slider revslider plugin, version 3.0.95 and prior. The vulnerability allows for arbitrary file upload and remote code execution. Usage Info msf use exploit/unix/webapp/wprevslideruploadexecute msf...
WordPress RevSlider File Upload and Execute Vulnerability
This module exploits an arbitrary PHP code upload vulnerability in the WordPress ThemePunch Slider Revolution RevSlider plugin, versions 3.0.95 and prior. The vulnerability allows for arbitrary file upload and remote code execution. This module requires Metasploit: https://metasploit.com/download...
Bomgar Remote Support Portal deserializes untrusted data
Overview Bomgar Remote Support version 14.3.1 and possibly earlier versions deserialize untrusted data without sufficient validation, allowing an attacker to potentially execute arbitrary PHP code. Description CWE-502: Deserialization of Untrusted Data Bomgar Remote Support version 14.3.1 and...
WordPress TheCartPress Plugin 1.3.9 - Multiple Vulnerabilities
Exploit for php platform in category web applications Product: TheCartPress WordPress plugin Vendor: TheCartPress team Vulnerable Versions: 1.3.9 and probably prior Tested Version: 1.3.9 Advisory Publication: April 8, 2015 without technical details Vendor Notification: April 8, 2015 Public...
WordPress Work The Flow Plugin - Upload Vulnerability
This vulnerability allows an attacker to upload arbitrary PHP code and execute it. Solution Update the plugin...
WordPress Work The Flow Upload
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Wordpress Work The Flow Upload Vulnerability', 'Description' = %q This module exploits an arbitrary PHP code upload in the WordPress...
WordPress N-Media Website Contact Form Upload Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress N-Media Website Contact Form plugin, version 1.3.4. The vulnerability allows for arbitrary file upload and remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...
WordPress Creative Contact Form Upload Vulnerability
This module exploits an arbitrary PHP code upload in the WordPress Creative Contact Form version 0.9.7. The vulnerability allows for arbitrary file upload and remote code execution. This module requires Metasploit: https://metasploit.com/download Current source:...
Multiple Vulnerabilities in TheCartPress WordPress plugin
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in TheCartPress WordPress plugin, which can be exploited to execute arbitrary PHP code, disclose sensitive data, and perform Cross-Site Scripting attacks against users of WordPress installations with the vulnerable plugin....