7 matches found
PT-2026-49203
Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14...
CVE-2018-18061
An issue was discovered in dialog.php in tecrail Responsive FileManager 9.8.1. Attackers can access the file manager interface that provides them with the ability to upload and delete files...
CVE-2017-15811
The Pootle Button plugin before 1.2.0 for WordPress has XSS via the assetsurl parameter in assets/dialog.php, exploitable via wp-admin/admin-ajax.php...
Smart related articles cross-site scripting vulnerability
Smart related articles is a content management system extension. A cross-site scripting vulnerability exists in dialog.php in Smart related articles for Joomla!...
Smart related articles SQL Injection Vulnerability
Smart related articles is a content management system extension. An SQL injection vulnerability exists in Smart related articles 'dialog.php' for Joomla! An attacker must use the searchcats variable in the POST method to exploit this vulnerability and obtain sensitive database information...
Buffer overflow
Buffer overflow in a certain ActiveX control in LTRDF14e.DLL 14.5.0.44 in LeadTools Raster Dialog File Object allows remote attackers to execute arbitrary code via a long Directory property value...
CVE-2007-2895
CVE-2007-2895 describes a buffer overflow in LeadTools Raster Dialog File Object’s ActiveX control LTRDF14e.DLL 14.5.0.44. The vulnerability allows remote code execution when an attacker supplies a long Directory property value, as noted across NVD and CVE records. The affected component is an Ac...