EUVD-2018-12734

Malware in sbrugna...

CVE-2018-20166

A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed...

Unrestricted file upload

A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed...

CVE-2018-20166

A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few characters match GIF data, and the filename ends in ".php" with mixed...

CVE-2018-20166

CVE-2018-20166 — Rukovoditel 2.3.1 file-upload PM/CRM vulnerability Affects: Rukovoditel Project Management CRM version 2.3.1. The flaw is in index.php?module=configuration/save, where extension checks are mishandled and a PHP payload can be uploaded as a background image (e.g., PHP content with ...

Rukovoditel Project Management CRM 2.3.1 Remote Code Execution

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class MetasploitModule 'Rukovoditel Project Management/CRM 2.3.1 - Authenticated Remote Code Execution', 'Description' = %q This module...

Intex Router N-150 - Arbitrary File Upload

Intex Router N-150 - Arbitrary File Upload Exploit Title:​​ Intex Router N-150 - Arbitrary File Upload Date: 2018-06-23 Exploit Author: Samrat Das Version: N-150 CVE : N/A Category: Router Firmware 1. Description The firmware allows malicious files to be uploaded without any checking of extension...

In-portal 5.0.3 Remote Arbitrary File Upload Exploit

Exploit for php platform in category web applications ==================================================== In-portal 5.0.3 Remote Arbitrary File Upload Exploit ==================================================== Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Seagull PHP Framework 0.6.4 - 'FCKeditor' Arbitrary File Upload

?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

Seagull PHP Framework <= 0.6.4 (fckeditor) Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ======================================================================== Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ======================================================================== ?php /...

Coppermine Photo Gallery remote compromise

---AFFECTED SOFTWARE--- From the website, http://www.chezgreg.net/coppermine/: "Coppermine Photo Gallery is a picture gallery script. Users can upload pictures with a web browser thumbnails are created on the fly, add comments, send e-cards and view statistics about the pictures. " "The script us...