Server-Side Request Forgery (SSRF)
concrete5/concrete5 is vulnerable to server-side request forgery (SSRF). The vulnerability exists in file.php because the server does not restrict downloads to validated IPs when fetching files, which allows an attacker to reach cloud resources and download files from the local network...
Server-Side Request Forgery (SSRF)
concrete5/concrete5 is vulnerable to server-side request forgery. The vulnerability exists in the local-IP import in 'file.php', which allows an attacker to read files from private LAN servers and attack applications on the local network...
Directory traversal
Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal...
CVE-2020-12764
CVE-2020-12764 affects Gnuteca 3.8, exposing a directory traversal in file.php?folder=/&file= that allows access to restricted paths. The description consistently states that the vulnerability arises from improper filtering of path elements, enabling traversal outside the intended directory. Publ...
WordPress RCE Vulnerability (CVE-2019-8942) - Windows
WordPress allows remote code execution (RCE) because a _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image containing PHP code in the Exif...
Remote code execution
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because a _wp_attached_file Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image...
CVE-2016-10732
ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or via add_user_form parameters to users-add.php...
Trend Micro Control Manager - ImportFile Directory Traversal RCE Exploit
Exploit for the Windows platform in the remote exploits category. The source is a Metasploit module (require 'msf/core'; require 'msf/core/exploit/php_exe'; class MetasploitModule ...) named 'Trend Micro Control Manager ImportFile Directory Traversal RCE', whose 'Description' reads: This module exploits a directory traversal vulnerability found in Trend Micro...
SQL injection
In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php...
CVE-2017-14396
In osTicket before 1.10.1, SQL injection is possible by constructing an array via use of square brackets at the end of a parameter name, as demonstrated by the key parameter to file.php...
dedicatedmicros.com XSS vulnerability
Vulnerable URL: https://www.dedicatedmicros.com/europe/file.php?path=%3Cscript%3Ealert%28%27openbugbounty%27%29%3C/script%3E Details: Patched: Yes, at ...; Vulnerability type: XSS; Vulnerability status: Publicly disclosed; Alexa Rank: 1280770; VIP website status: No; Check...
DesignFolio Plus Theme <= 1.2 - Arbitrary File Upload
Vulnerable file: upload-file.php...
WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution
No description provided by source. Release date: November 11th, 2009. Discovered by: Dawid Golunski. Severity: Moderately High. I. VULNERABILITY: WordPress <= 2.8.5 Unrestricted...
V-webmail 1.6.4 includes/pear/File.php CONFIG[pear_dir] Parameter Remote File Inclusion
No description provided by source. Source: http://www.securityfocus.com/bid/30162/info V-webmail is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied data. Exploiting these issues can allow an attacker to compromise the application and t...
OpenDock Easy Doc <= 1.4 - (doc_directory) File Include Vulnerabilities
No description provided by source. ECHO_ADV_49$2006: OpenDock Easy Doc <= 1.4 (doc_directory) Multiple Remote File Inclusion Vulnerability...
limesurvey (phpsurveyor) 1.49rc2 - Remote File Inclusion Vulnerability
No description provided by source. Owner: Pr0T3cT10n. Homepage: www.kamikaz-team.com. Script site: www.limesurvey.org. Script name: LimeSurvey (PHPSurveyor). Version: 1.49RC2. Type: RFI (Remote File Include). Source:...
CMS Mini <= 0.2.2 - Remote Command Execution Exploit
No description provided by source. CMS Mini <= 0.2.2 Remote Command Execution Exploit. The source is a PHP script beginning <?php function usage() { exit("\nCMS Mini <=...
DEBIAN-CVE-2010-5294
Multiple cross-site scripting (XSS) vulnerabilities in the request_filesystem_credentials function in wp-admin/includes/file.php in WordPress before 3.0.2 allow remote servers to inject arbitrary web script or HTML by providing a crafted error message for a (1) FTP or (2) SSH connection attempt...
FlashComs Chat Script File Upload
"@".$options['f'], "fileId" => $options["f"]; $result = curl_exec($handle); if (strpos($result, "UPLOADSUCCESS")) { echo "\n\n"; echo "\t+ Exploitation success!!\n"; echo "\t+ http://$options[u]/files/$options[f]\n"; echo "...