EUVD-2014-4913

Malware in sbrugna...

SUSE CVE-2010-4208

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bugzilla, Moodle, and other products, allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader/assets/uploader.swf...

SUSE CVE-2012-5882

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208...

GHSA-9WW8-J8J2-3788 YUI Cross-site Scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in flashuploader.swf in the Uploader component in Yahoo! YUI 3.5.0 through 3.9.1, as used in Moodle through 2.1.10, 2.2.x before 2.2.11, 2.3.x before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.1, and other products, allows remote attackers to inject arbitra...

WordPress Flash Uploader Plugin Remote Command Execution Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language, which supports setting up personal blog sites on servers with PHP and MySQL.Flash Uploader is a plugin used to enable users to upload Flash files based on username, group or role. A security...

Design/Logic Flaw

The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in imagemagicpath...

CVE-2014-5014

The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in imagemagicpath...

CVE-2014-5014

Affected software : WordPress Flash Uploader plugin for WordPress (versions before 3.1.3). Vulnerability : Remote command execution due to vectors related to invalid characters in image_magic_path, enabling arbitrary commands. Impact : High risk of remote code execution; CVSS details in the docum...

CVE-2014-5014

The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in imagemagicpath...

Mail.ru: Same Origin Policy bypass

Hi, After small investigation I've probably found something that can be exploited to bypass Same Origin Policy on mail.ru services specially your main domain and e.mail.ru. First of all - let's take a look about your crossdomain.xml both for mail.ru and e.mail.ru: After time spent on searching...

Flash Uploader <= 3.1.2 - Arbitrary Comm& Execution

The WordPress Flash Uploader WordPress plugin was affected by an Arbitrary Comm& Execution security vulnerability...

Joomla Flash uploader 2.5.1 - Remote File Inclusion Vulnerabilities

No description provided by source. -------------------------------------------- = = = Mdx c 2007 = = = -------------------------------------------- = = =Joomla comjoomlaflashuploader Remote File Include 2.5.1,2.5.2 = = ============================================ = = Download: = =...

Joomla! 2.5.x < 2.5.10 / 3.0.x < 3.0.4 Multiple Vulnerabilities

According to its self-identified version number, the Joomla! installation hosted on the remote web server is 2.5.x prior to 2.5.10 or 3.0.x prior to 3.0.4. It is, therefore, affected by multiple vulnerabilities : - A security bypass vulnerability exists due to a failure to properly verify...

UBUNTU-CVE-2012-5882

Cross-site scripting XSS vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.9.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to uploader.swf, a similar issue to CVE-2010-4208...

Joomla Component com_joomla_flash_uploader Remote File Upload

Exploit for php platform in category web applications -------------------------------------------------------------- Joomla Component comjoomlaflashuploader Remote File Upload ------------------------------------------------------------- Exploit Author = Zikou-16 My Facebook =...

Joomla! Component Easy Flash Uploader - helper.php Arbitrary File Upload

Joomla! Component Easy Flash Uploader - helper.php Arbitrary File Upload source: https://www.securityfocus.com/bid/53977/info The Easy Flash Uploader component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize...

Joomla Easy Flash Uploader 2.0 Shell Upload

1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 + Site : 1337day.com 0 1 + Support e-mail :...

Joomla! Component Easy Flash Uploader - &#039;helper.php&#039; Arbitrary File Upload

source: https://www.securityfocus.com/bid/53977/info The Easy Flash Uploader component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload...

Joomla - Easy Flash Uploader Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

Solmetra Flash Uploader Demo Shell Upload Vulnerability

Exploit for php platform in category web applications Solmetra Flash Uploader Demo Shell Upload Vulnerability Exploit Title: Solmetra Flash Uploader Demo Shell Upload Vulnerability Date: 21-04-2012 Author: Arm4dill0.DZ Vendor or Software Link: http://www.solmetra.com/en/ Version: Demo ;1.02...