16 matches found
EUVD-2015-9303
Malware in sbrugna...
EUVD-2015-9304
Malware in sbrugna...
CVE-2015-9463
The s3bubble-amazon-s3-audio-streaming plugin 2.0 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter...
CVE-2024-43022
An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal...
CVE-2024-43022
An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal...
CVE-2024-43022
An issue in the downloader.php component of TOSEI online store management system v4.02, v4.03, and v4.04 allows attackers to execute a directory traversal...
The vulnerability of the downloader.php plugin of the WordPress Automatic Plugin system for website content management allows a attacker to perform an SSRF attack.
The vulnerability of the downloader.php plugin in the WordPress Automatic Plugin system for website content management involves insufficient validation of incoming requests. Exploiting this vulnerability could allow a malicious actor to execute an SSRF attack remotely...
SolarView Compact 6.00 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarView Compact unauthenticated remote command execution vulnerability.', 'Description' = %q CONTEC's SolarView™ Series enables you to monitor...
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
Command injection
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
CVE-2023-23333
SolarView Compact 6.00 is affected by an OS command injection via downloader.php, allowing remote code execution. The vulnerability arises from an insecure file parameter in downloader.php that can bypass internal restrictions. Public exploit templates (including Metasploit module) describe obtai...
PT-2023-1590 · Unknown · Solarview Compact
Name of the Vulnerable Software and Affected Versions: SolarView Compact versions 6.00 and earlier Description: The issue is related to a command injection vulnerability, which allows attackers to execute commands by bypassing internal restrictions through the downloader.php endpoint. This is due...
CVE-2023-23333
There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restrictions through downloader.php...
PT-2022-13669 · WordPress · Simple File List
Name of the Vulnerable Software and Affected Versions: Simple File List WordPress plugin versions up to and including 3.2.7 Description: The issue allows unauthenticated attackers to download arbitrary files due to missing controls in the eeFile parameter found in the /includes/ee-downloader.php...
Directory traversal
The s3bubble-amazon-s3-html-5-video-with-adverts plugin 0.7 for WordPress has directory traversal via the adverts/assets/plugins/ultimate/content/downloader.php path parameter...