4 matches found
CH-CMS.ch 2 - Arbitrary File Upload
======================================================================================== | Title CH-CMS.ch-V2 Upload Vulnerability | Author El-Kahina | email please forgive me $ | Web Site http://kewlshare.com/dl/f1b6b4d587ab/95Final2bugfixinstall.rar.html $ | Script copyright 2007/08 by...
CVE-2006-4759
PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to adminoptions.php with an avatarsdir parameter ending in %00. NOTE: this issue was...
CVE-2006-4759
PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to adminoptions.php with an avatarsdir parameter ending in %00. NOTE: this issue was...
punbb -- NULL byte injection vulnerability
CVE Mitre reports: PunBB 1.2.12 does not properly handle an avatar directory pathname ending in %00, which allows remote authenticated administrative users to upload arbitrary files and execute code, as demonstrated by a query to adminoptions.php with an avatarsdir parameter ending in %00. NOTE:...