3 matches found
CVE-2014-2223
Plogger 1.0 RC1 and earlier contain an unrestricted file upload flaw in plog-admin/plog-upload.php. An authenticated user can upload a ZIP containing a PHP payload and a non-zero length PNG, then access the PHP file under plog-content/uploads/archive/ to execute arbitrary code. The vulnerability ...
Plogger 1.0-RC1 - Authenticated Arbitrary File Upload
No description provided by source. !/usr/bin/env python Exploit Title: Plogger Authenticated Arbitrary File Upload Date: Feb 2014 Exploit Author: b0z Vendor Homepage: www.plogger.org Software Link: www.plogger.org/download Version: Plogger prior to 1.0-RC1 CVE : 2014-2223 import hashlib import os...
Plogger 1.0-RC1 - (Authenticated) Arbitrary File Upload
Plogger 1.0-RC1 - Authenticated Arbitrary File Upload !/usr/bin/env python Exploit Title: Plogger Authenticated Arbitrary File Upload Date: Feb 2014 Exploit Author: b0z Vendor Homepage: www.plogger.org Software Link: www.plogger.org/download Version: Plogger prior to 1.0-RC1 CVE : 2014-2223 impor...