Joomla! Component GMapFP 3.5 - Arbitrary File Upload

Joomla! Component GMapFP 3.5 is vulnerable to arbitrary file upload vulnerabilities. An attacker can access the upload function of the application without authentication and can upload files because of unrestricted file upload which can be bypassed by changing Content-Type & name file too double...

Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload

TLR-2005KSH is affected by an incorrect access control vulnerability. THe PUT method is enabled so an attacker can upload arbitrary files including HTML and CGI formats. id: CVE-2021-45428 info: name: Telesquare TLR-2005KSH 1.0.0 - Arbitrary File Upload author: gy741 severity: critical descriptio...

CVE-2024-11315 TRCore DVC - Arbitrary File Upload through Path Traversal

The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells...

WooCommerce Catalog Enquiry - Arbitrary File Upload

Email from user: "A 'fix' for the file upload vulnerability seems to have been introduced in version 3.0.2 with the cryptic description "Fixed some data issues." However I hope you're aware that the vulnerability still exists and can be exploited by simply changing Content-Type in the HTTP reques...

WordPress Plugin 0.9.7 Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload

WordPress Plugin 0.9.7 Joomla! Component 2.0.0 Creative Contact Form - Arbitrary File Upload !/usr/bin/python Exploit Name: Wordpress and Joomla Creative Contact Form Shell Upload Vulnerability Wordpress plugin version: = 0.9.7 Joomla extension version: = 2.0.0 Vulnerability discovered by Gianni...

vTiger CRM AddEmailAttachment arbitrary file upload

Added: 01/10/2014 CVE: CVE-2013-3214 BID: 61558 OSVDB: 95902 Background vTiger CRM is a customer relationship management application written in PHP. Problem An arbitrary file upload vulnerability when handling SOAP AddEmailAttachment requests allows remote attackers to execute arbitrary commands ...

WordPress Simple:Press Forum Plugin - Arbitrary File Upload

WordPressSimple:Press Forum plugin is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary files to the affected computer. Solution Update the plugin...

ScriptsFeed (SF) Auto Classifieds Software - Arbitrary File Upload

ScriptsFeed SF Auto Classifieds Software - Arbitrary File Upload ScriptsFeed SF Auto Classifieds Software Remote File Upload ---------------------------------------------------------- Discovered By: ZoRLu Date: 13.11.2008 Home: www.z0rlu.blogspot.com contact: [email protected] N0T: YALNIZLIK,...

aspwebalbum 3.2 - Arbitrary File Upload SQL Injection Cross-Site Scripting

aspwebalbum 3.2 - Arbitrary File Upload SQL Injection Cross-Site Scripting - Discovered bay AleminKrali ==== - aspWebAlbum 3.2 - Script Download "http://www.fullrevolution.com" - aspWebAlbum 3.2 Single Site License | $60.00 : - HomePage al3m.blogspot.com...