12 matches found
Directory Traversal
Overview: phpbb/phpbb is a forum software application. Affected versions of this package are vulnerable to Directory Traversal via the plupload process and the phar:// stream wrapper. An attacker can execute arbitrary code by uploading a crafted archive containing serialized PHP objects that are...
EUVD-2019-20103
phpBB contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by exploiting the plupload functionality and phar:// stream wrapper. Attackers can upload a crafted zip file containing serialized PHP objects that execute arbitrary code when...
CVE-2019-25685
...
CVE-2024-7906
A vulnerability classified as critical was found in DedeBIZ 6.3.0. This vulnerability affects the function get_mime_type of the file /admin/dialog/select_images_post.php of the component Attachment Settings. The manipulation of the argument upload leads to unrestricted upload. The attack can be...
CVE-2024-7906 DedeBIZ Attachment Settings select_images_post.php get_mime_type unrestricted upload
A vulnerability classified as critical was found in DedeBIZ 6.3.0. This vulnerability affects the function get_mime_type of the file /admin/dialog/select_images_post.php of the component Attachment Settings. The manipulation of the argument upload leads to unrestricted upload. The attack can be...
Oracle Weblogic Server - Deserialization Remote Command Execution (Patch Bypass) Exploit
Oracle Weblogic Server - Deserialization Remote Command Execution Patch Bypass Exploit // All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath =...
phpBB 3.2.3 - Remote Code Execution Exploit
Exploit for php platform in category web applications phpBB 3.2.3 - Remote Code Execution Exploit // All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath =...
Oracle Weblogic Server Deserialization Remote Command Execution
// All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath = 'phar://./../files/plupload/$saltaaae9cba5fdadb1f0c384934cd20d11czip.part'; // md5'evil.zip' = aaae9cba5fdadb1f0c384934cd20d11czip // you...
phpBB 3.2.3 - Remote Code Execution
// All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath = 'phar://./../files/plupload/$saltaaae9cba5fdadb1f0c384934cd20d11czip.part'; // md5'evil.zip' = aaae9cba5fdadb1f0c384934cd20d11czip // you...
phpBB 3.2.3 - Remote Code Execution
phpBB 3.2.3 - Remote Code Execution // All greets goes to RIPS Tech // Run this JS on Attachment Settings ACP page var pluploadsalt = ''; var formtoken = ''; var creationtime = ''; var filepath = 'phar://./../files/plupload/$saltaaae9cba5fdadb1f0c384934cd20d11czip.part'; // md5'evil.zip' =...