FlexPaper/FlowPaper 2.3.6 - Remote Code Execution

The Publish Service in FlexPaper later renamed FlowPaper 2.3.6 allows remote code execution via setup.php and changeconfig.php. id: CVE-2018-11686 info: name: FlexPaper/FlowPaper 2.3.6 - Remote Code Execution author: iamnoooob,pdresearch,pszyszkowski severity: critical description: | The Publish...

CVE-2018-11686

The Publish Service in FlexPaper later renamed FlowPaper 2.3.6 allows remote code execution via setup.php and changeconfig.php...

CVE-2018-11686

The Publish Service in FlexPaper later renamed FlowPaper 2.3.6 allows remote code execution via setup.php and changeconfig.php...

Remote code execution

The Publish Service in FlexPaper later renamed FlowPaper 2.3.6 allows remote code execution via setup.php and changeconfig.php...

CVE-2018-11686

The Publish Service in FlexPaper later renamed FlowPaper 2.3.6 allows remote code execution via setup.php and changeconfig.php...

CVE-2018-11686

CVE-2018-11686 affects FlexPaper/FlowPaper 2.3.6 . The Publish Service allows remote code execution via setup.php and change_config.php , enabling unauthenticated attackers to run arbitrary code on the server and potentially compromise the host and all hosted documents. Remediation: upgrade to Fl...

Devaldi FlexPaper Code Execution Vulnerability

Devaldi FlexPaper is a New Zealand Devaldi company's a lightweight Web-based PDF document viewing components . A code execution vulnerability exists in Devaldi FlexPaper version 2.3.6 and earlier versions, which can be exploited by remote attackers to execute code...

Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution

!/usr/bin/env python Exploit Title: FlexPaper PHP Publish Service = 2.3.6 RCE Date: March 2019 Exploit Author: Red Timmy Security - redtimmysec.wordpress.com Vendor Homepage: https://flowpaper.com/download/ Version: = 2.3.6 Tested on: Linux/Unix CVE : CVE-2018-11686 Disclamer: This exploit is for...

Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution

Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution !/usr/bin/env python Exploit Title: FlexPaper PHP Publish Service = 2.3.6 RCE Date: March 2019 Exploit Author: Red Timmy Security - redtimmysec.wordpress.com Vendor Homepage: https://flowpaper.com/download/ Version: = 2.3.6 Tested on:...

Flexpaper PHP Publish Service 2.3.6 - Remote Code Execution Exploit #RCE

Exploit for php platform in category web applications !/usr/bin/env python Exploit Title: FlexPaper PHP Publish Service = 2.3.6 RCE Date: March 2019 Exploit Author: Red Timmy Security - redtimmysec.wordpress.com Vendor Homepage: https://flowpaper.com/download/ Version: = 2.3.6 Tested on: Linux/Un...

Vaultize Enterprise File Sharing Information Disclosure Vulnerability

Vaultize Enterprise File Sharing is an enterprise file sharing solution from Vaultize Technologies, USA. The solution includes features such as data retention management, versioning, secure data handling, data backup and recovery. A security vulnerability exists in Vaultize Enterprise File Sharin...

FlexPaper Content Forgery Vulnerability

FlexPaper is an open source lightweight used to display a variety of documents in the browser component , it needs to be used with PDF2SWF. A security vulnerability exists in the FlexPaperViewer.swf file in versions of Flexpaper prior to 2.3.1. A remote attacker can exploit this vulnerability to...

Flexpaper Cross-Site Scripting Vulnerability

FlexPaper is an open source lightweight used to display a variety of documents in the browser component , it needs to be used with PDF2SWF. A cross-site scripting vulnerability exists in the FlexPaperViewer.swf file in versions of Flexpaper prior to 2.3.1. A remote attacker can exploit this...

Spoofing

FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to conduct content-spoofing attacks via the Swfile parameter...

CVE-2014-9677

Cross-site scripting XSS vulnerability in FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the Swfile parameter...

CVE-2014-9677

CVE-2014-9677 is an XSS in FlexPaperViewer.swf (Flexpaper) prior to 2.3.1. The vulnerability arises in the FlexPaperViewer.swf component via the Swfile parameter, allowing remote attackers to inject arbitrary web script/HTML. Connected CNVD entry confirms FlexPaper before 2.3.1 as affected; CNVD-...

CVE-2014-9677

Cross-site scripting XSS vulnerability in FlexPaperViewer.swf in Flexpaper before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via the Swfile parameter...

CVE-2014-9678

The vulnerability CVE-2014-9678 affects FlexPaperViewer.swf in Flexpaper up to version 2.3.1. A remote attacker can abuse the Swfile parameter to perform content-spoofing, as described by multiple sources (CVE-2014-9678 and related CNVD/CVE entries). The root cause is insecure handling of the Swf...

FlexPaper 'FlexPaperViewer.swf' Cross-Site Scripting Vulnerability

FlexPaper is an open source lightweight in the browser to display a variety of documents on the component . A cross-site scripting vulnerability exists in FlexPaper 'FlexPaperViewer.swf' due to the program failing to properly filter user-supplied input. An attacker can exploit this vulnerability ...