5077 matches found
CVE-2014-2027
eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addrfields or (2) trans parameter to addressbook/csvimport.php, (3) calfields or (4) trans parameter to calendar/csvimport.php, (5)...
WordPress InBoundio Marketing Plugin 1.0 /admin/partials/csv_uploader.php File Upload Vulnerability
/admin/partials/csv_uploader.php: <?php $ds = DIRECTORY_SEPARATOR; //1 $storeFolder = 'uploadedcsv'; //2 if (!empty($_FILES)) { $_FILES['file']['name'] = preg_replace('/[^A-Za-z0-9 .-]/', '', $_FILES['file']['name']); $_FILES['file']['name'] = preg_replace('/\s+/', '', $_FILES['file']['name']); $tempFile = $_FILES['file']['tmp_name']; //3...
Import any XML or CSV File to WordPress <= 3.2.4 - Multiple Vulnerabilities
Multiple issues were fixed, such as Authenticated SQL Injection, Authenticated Reflected XSS and Unauthorised access to some methods...
RAWR - Rapid Assessment of Web Resources
Features: A customizable CSV containing ordered information gathered for each host, with a field for making notes/etc. An elegant, searchable, jQuery-driven HTML report that shows screenshots, diagrams, and other information. A report on relevant security headers, courtesy of SmeegeSec. A CSV Thre...
Windows 2012/2012R2 leaks memory when a hardware snapshot is created multiple times on a CSV
Challenge: Windows 2012 / 2012 R2 Hyper-V hosts leak memory when a hardware snapshot is created/removed multiple times on a CSV with a hardware provider. Cause: Windows 2012 / 2012 R2 Hyper-V hosts leak memory when a snapshot is created on a CSV using a hardware provider. Due to the fact that only a...
Import any XML or CSV File to WordPress <= 3.2.3 - RCE
WP All Import does not properly verify that a user has permission to execute functions. Coupled with a method that allows arbitrary functions on specific objects to be called, this can be leveraged in many ways...
WordPress Ultimate CSV Importer Plugin <= 3.6.74 Information Disclosure
Because of this vulnerability, remote attackers can disclose usernames, hashed passwords and email addresses for all users. Solution Update the plugin...
WP Ultimate CSV Importer <= 3.6.74 - Database Table Export
Due to lack of verification of a visitor's permissions, it is possible to execute the 'export.php' script included in the default installation of this plugin, and retrieve the full contents of the user table in the WordPress installation. This results in full disclosure of usernames, hashed...
WordPress Ultimate CSV Importer User Table Extract
Due to lack of verification of a visitor's permissions, it is possible to execute the 'export.php' script included in the default installation of the Ultimate CSV Importer plugin and retrieve the full contents of the user table in the WordPress installation. This results in full disclosure of...
RAWR – Rapid Assessment of Web Resources
RAWR is designed to make the process of web enumeration easy and efficient by providing pertinent information in usable formats. It uses NMap (live or from file), Metasploit, Qualys, Nexpose, or Nessus scan data to target web services for enumeration, then visits each host on each port with an...
WordPress Plugin Pie Register Has Unspecified Vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation; it supports setting up a personal blog site on a server running PHP and MySQL. Pie Register is one of the plug-ins that supports customizing the member registration landing page. A security...
Deserialization of untrusted data
The Pie Register plugin before 2.0.14 for WordPress does not properly restrict access to certain functions in pie-register.php, which allows remote attackers to (1) add a user by uploading a crafted CSV file or (2) activate a user account via a verifyit action...
Wordpress Pie Register Plugin 2.0.13 - Privilege Escalation Vulnerability
Exploit for php platform in category web applications Exploit Title: Pie Register 2.0.13 Privilege escalation Date: 16-10-2014 Software Link: https://wordpress.org/plugins/pie-register/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ CVE:...
WordPress Plugin Pie Register 2.0.13 - Privilege Escalation
WordPress Plugin Pie Register 2.0.13 - Privilege Escalation Exploit Title: Pie Register 2.0.13 Privilege escalation Date: 16-10-2014 Software Link: https://wordpress.org/plugins/pie-register/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl...
WordPress Plugin Pie Register 2.0.13 - Privilege Escalation
Exploit Title: Pie Register 2.0.13 Privilege escalation Date: 16-10-2014 Software Link: https://wordpress.org/plugins/pie-register/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ CVE: CVE-2014-8802 Category: webapps 1. Description Anyone...
WordPress Pie Register Plugin 2.0.13 - Privilege Escalation
This vulnerability allows anyone to import a CSV file, and the plugin imports users from that file via "pie-register\pie-register.php". Solution: Update to version 2.0.14...
SQL Buddy 1.3.3 Remote Code Execution
Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link: https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Version: SQL...
SQL Buddy 1.3.3 - Remote Code Execution
Exploit Title: SQL Buddy Remote Code Execution Date: November 29 2014 Exploit Author: Fady Osman @fadyosman Youtube Channel : https://www.youtube.com/user/cutehack3r Vendor Homepage: http://sqlbuddy.com/ Software Link: https://github.com/calvinlough/sqlbuddy/raw/gh-pages/sqlbuddy.zip Version: SQL...
[SECURITY] Fedora 20 Update: phpMyAdmin-4.2.12-1.fc20
phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the World Wide Web. Most frequently used operations are supported by the user interface (managing databases, tables, fields, relations, indexes, users, permissions), while you still have the ability to directly...