73 matches found
Cross site scripting
XSS in filedownload v1.4 wordpress plugin...
CVE-2015-1000003
Blind SQL Injection in filedownload v1.4 wordpress plugin...
CVE-2015-1000004
XSS in filedownload v1.4 wordpress plugin...
CVE-2015-1000002
Open Proxy in filedownload v1.4 wordpress plugin...
CVE-2015-1000003
CVE-2015-1000003 describes a Blind SQL Injection in the WordPress plugin filedownload v1.4 . Multiple connected sources confirm that the vulnerability exists in this plugin version and is of the SQL injection type, impacting WordPress environments hosting this plugin. The NVD entry provides a hig...
CVE-2015-1000002
The CVE-2015-1000002 entry concerns the WordPress FileDownload plugin (version 1.4). Connected sources indicate multiple issues tied to FileDownload
CVE-2015-1000004
CVE-2015-1000004 records an XSS vulnerability in the WordPress plugin “filedownload” v1.4. The connected documents substantiate the affected product (WordPress filedownload plugin) and the vulnerability class (XSS) but do not provide concrete technical specifics such as vulnerable files, root cau...
WordPress Filedownload Plugin 0.1 arbitrary File Download
No description provided by source...
ManageEngine ServiceDesk Plus 9.1 build 9110 - Directory Traversal
ManageEngine ServiceDesk Plus 9.1 build 9110 - Directory Traversal Exploit Title: ManageEngine ServiceDesk Plus Product Description ------------------- ServiceDesk Plus is an ITIL ready IT help desk software for organizations of all sizes. With advanced ITSM functionality and easy-to-use...
WordPress Filedownload 1.4 Open Proxy
Title: Open Proxy in filedownload v1.4 wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-07-11 Download Site: https://wordpress.org/plugins/filedownload/ Vendor: Peter Gross Vendor Notified: 2015-07-11 Vendor Contact: [email protected] Description: Creates a downloadlink with t...
FileDownload <= 1.4 - Multiple Issues
XSS, Blind SQL Injection and Open Proxy issues...
Aspose.Words Exporter < 2.0 - Unauthenticated Arbitrary File Download
The Aspose.Words Exporter WordPress plugin was affected by an Arbitrary File Download security vulnerability. The asposedocexporterdownload.php file of the plugin does not restrict access, check permission or validate the file parameter, allowing unauthenticated user to download any file from the...
WordPress Filedownload Plugin 0.1 (download.php) Remote File Disclosure Vulnerability
No description provided by source...
HP Intelligent Management Center SOM Module Information Disclosure
The HP Intelligent Management Center IMC application running on the remote host is affected by an information disclosure vulnerability in the included IMC Service Operation Management SOM Module, specifically within the FileDownload servlet, due to a failure to require authentication. An...
e107 Filedownload Plugin - Arbitrary File Upload Remote File Disclosure
e107 Filedownload Plugin - Arbitrary File Upload Remote File Disclosure source: https://www.securityfocus.com/bid/54098/info The FileDownload Plugin for e107 is prone to an arbitrary file-upload vulnerability and a remote file-disclosure vulnerability because the application fails to adequately...
e107 FileDownload 1.1 Shell Upload / File Disclosure
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...
e107 Filedownload Plugin - Arbitrary File Upload / Remote File Disclosure
source: https://www.securityfocus.com/bid/54098/info The FileDownload Plugin for e107 is prone to an arbitrary file-upload vulnerability and a remote file-disclosure vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit these issues to...
e107 Plugin - FilleDownload Plugin Upload Shell / Remote File Disclosure
Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...
Mega File Manager 1.0 File Download
Exploit Title: MegaFileManager FileDownload Vulnerability date: 2012-04-19 Author: i2sec-Min Gi Jo Software Link: http://www.awesomephp.com/?Download5 Version: Mega File Manager V 1.0 Tested on: Windows Description : There is no filtering on 'cimages.php' parameter 'name'. PoC :...
Mega File Manager - File Download
Exploit Title: MegaFileManager FileDownload Vulnerability date: 2012-04-19 Author: i2sec-Min Gi Jo Software Link: http://www.awesomephp.com/?Download5 Version: Mega File Manager V 1.0 Tested on: Windows Description : There is no filtering on 'cimages.php' parameter 'name'. PoC :...