Lucene search
K

732 matches found

Metasploit
Metasploit
added 2008/10/14 1:41 p.m.20 views

SoftArtisans XFile FileManager ActiveX Control Buffer Overflow

This module exploits a stack buffer overflow in SoftArtisans XFile FileManager ActiveX control SAFmgPwd.dll 2.0.5.3. When sending an overly long string to the GetDriveName method an attacker may be able to execute arbitrary code. This module requires Metasploit: https://metasploit.com/download...

9.3CVSS1AI score0.29613EPSS
Exploits4
seebug.org
seebug.org
added 2008/09/01 12:0 a.m.15 views

WeBid 0.5.4 (fckeditor) Remote Arbitrary File Upload Exploit

No description provided by source. ?php / ----------------------------------------------------------------- WeBid v0.5.4 fckeditor Remote Arbitrary File Upload Exploit ----------------------------------------------------------------- author...: Stack - vulnerable code in...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2008/08/27 8:0 p.m.19 views

CVE-2007-1682

Multiple stack-based buffer overflows in the FileManager ActiveX control in SAFmgPws.dll in SoftArtisans XFile before 2.4.0 allow remote attackers to execute arbitrary code via unspecified calls to the 1 BuildPath, 2 GetDriveName, 3 DriveExists, or 4 DeleteFile method...

7.8AI score0.29613EPSS
Exploits4References4
CVE
CVE
added 2008/08/27 8:0 p.m.38 views

CVE-2007-1682

SoftArtisans XFile FileManager ActiveX control (SAFmgPws.dll) is affected by CVE-2007-1682 through vulnerable BuildPath(), GetDriveName(), DriveExists(), and DeleteFile() methods. The vulnerability is a stack-based buffer overflow in XFile before version 2.4.0 that could allow remote code executi...

9.3CVSS7.8AI score0.29613EPSS
Exploits4References4Affected Software1
seebug.org
seebug.org
added 2008/08/26 12:0 a.m.36 views

SoftArtisans XFile文件管理器ActiveX控件多个缓冲区溢出漏洞

BUGTRAQ ID:30826 CVE ID:CVE-2007-1682 CNCVE ID:CNCVE-20081682 SoftArtisans XFile是一款文件传送应用程序ActiveX控件。 XFile FileManager ActiveX控件存在多个缓冲区溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 由SAFmgPws.dll提供的XFile FileManager ActiveX控件处理BuildPath, GetDriveName, DriveExists,...

9.3CVSS6.6AI score0.29613EPSS
Exploits4
CERT
CERT
added 2008/08/25 12:0 a.m.57 views

SoftArtisans XFile FileManager ActiveX control stack buffer overflows

Overview The SoftArtisans XFile FileManager ActiveX control contains several stack buffer overflows, which can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description SoftArtisans XFile is an ActiveX file transfer application. The XFile FileManager...

9.3CVSS7.2AI score0.29613EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2008/08/22 12:0 a.m.31 views

XHP CMS Version <= 0.5 File Upload Vulnerability

The remote webserver is hosting a PHP script which is vulnerable to a unrestricted file upload flaw. Description : XHP CMS is installed on the remote system. The installed application does not authenticate users to access the FileManager scripts located at:...

9CVSS0.6AI score0.09395EPSS
Exploits1References4
Cvelist
Cvelist
added 2008/08/19 7:10 p.m.29 views

CVE-2008-3712

Multiple cross-site scripting XSS vulnerabilities in Mambo 4.6.2 and 4.6.5, when registerglobals is enabled, allow remote attackers to inject arbitrary web script or HTML via the 1 query string to mambots/editors/mostlyce/jscripts/tinymce/filemanager/connectors/php/connector.php and the 2...

5.8AI score0.01877EPSS
Exploits1References6
Packet Storm
Packet Storm
added 2008/08/16 12:0 a.m.16 views

mambo462-morexss.txt

---------------------------------------------------------------- Script : Mambo 4.6.2 Full & Older Versions Type : Multiple Cross Site Scripting Vulnerabilities Alert Level : Medium ---------------------------------------------------------------- Download From :...

7.4AI score
Exploits0
NVD
NVD
added 2008/08/11 11:41 p.m.32 views

CVE-2008-3591

SQL injection vulnerability in lib/class.admin.php in Twentyone Degrees Symphony 1.7.01 and earlier allows remote attackers to execute arbitrary SQL commands via the symauth cookie in a /publish/filemanager/ request to index.php...

7.5CVSS8.3AI score0.02082EPSS
Exploits0References5
Prion
Prion
added 2008/06/30 6:24 p.m.10 views

Authentication flaw

admin/filemanager/ aka the File Manager in EZTechhelp EZCMS 1.2 and earlier does not require authentication, which allows remote attackers to create, modify, read, and delete files...

7.5CVSS7.2AI score0.02551EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2008/06/28 12:0 a.m.14 views

Seagull PHP Framework &lt;= 0.6.4 (fckeditor) Arbitrary File Upload Exploit

No description provided by source. ?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...: EgiX mail.....:...

7.1AI score
Exploits0
Exploit DB
Exploit DB
added 2008/06/26 12:0 a.m.28 views

Seagull PHP Framework 0.6.4 - &#039;FCKeditor&#039; Arbitrary File Upload

?php / ------------------------------------------------------------------------ Seagull PHP Framework = 0.6.4 fckeditor Arbitrary File Upload Exploit ------------------------------------------------------------------------ author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

7.4AI score
Exploits0
Typo3
Typo3
added 2008/06/19 12:0 a.m.20 views

TYPO3 Security Bulletin

Several vulnerabilities have been found in TYPO3 third party extensions. Please read first: This Collective Security Bulletin CSB is a listing of vulnerable extensions with neither significant download numbers nor other special importance amongst the TYPO3 Community. The intention of CSBs is to...

7.8AI score
Exploits0Affected Software12
Exploit DB
Exploit DB
added 2008/06/09 12:0 a.m.37 views

ProManager 0.73 - &#039;config.php&#039; Local File Inclusion

-------------------------------------- Pro Manager 0.73 Local File Inclusion Vuln -------------------------------------- http://www.sfr-fresh.com/unix/privat/proManager-0.73.tar.gz -------------------------------------- By : Stack email : Wanted -------------------------------------- Exploit :...

7.4AI score
Exploits0
CVE
CVE
added 2008/05/16 6:54 a.m.47 views

CVE-2008-2267

The CVE-2008-2267 entry concerns CMS Made Simple (CMSMS) 1.2.4 and earlier, where the FileManager module’s Postlet component (javaUpload.php) uses an incomplete blacklist. This allows remote attackers to upload a file whose name ends with extensions such as .jsp, .php3, .cgi, .dhtml, .phtml, .php...

7.5CVSS7.7AI score0.04808EPSS
Exploits1References6Affected Software1
Typo3
Typo3
added 2008/05/15 12:0 a.m.23 views

Multiple vulnerabilities in extension Frontend Filemanager (air_filemanager)

It has been discovered that the extension Frontend Filemanager airfilemanager is susceptible to Cross Site Scripting XSS attacks and allows Remote Code Execution. Component Type: Third party extensions. These extensions are not part of the TYPO3 default installation. Affected Versions: Version...

7.4AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2008/05/15 12:0 a.m.30 views

CMS Made Simple &lt;= 1.2.4 (FileManager module) File Upload Exploit

No description provided by source. ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/12 12:0 a.m.29 views

cmsmadesimple-upload.txt

?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit --------------------------------------------------------------------------- author...: EgiX mail.....: n0b0d13satgmaildotcom link.....:...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/05/12 12:0 a.m.17 views

CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload

CMS Made Simple 1.2.4 Module FileManager - Arbitrary File Upload ?php / --------------------------------------------------------------------------- CMS Made Simple = 1.2.4 FileManager module Arbitrary File Upload Exploit ---------------------------------------------------------------------------...

7.4AI score
Exploits0
Rows per page
Query Builder