5019 matches found
Sonium Enterprise Adressbook <= 0.2 (folder) Include Vulnerability
No description provided by source. +-------------------------------------------------------------------- + + Sonium Enterprise Adressbook Version 0.2 folder RFI + + Original advisory: + http://www.bb-pcsecurity.de/Websecurity/342/org/SoniumEnterpriseAdressbookVersion0.2folderRFI.htm +...
EarthStation 5 Search Service Remote File Deletion Vulnerabililty
No description provided by source. source: http://www.securityfocus.com/bid/8753/info It has been reported that EarthStation 5 is prone to a file deletion vulnerability that may allow a remote attacker to delete arbitrary files on a vulnerable system. The problem is reported to exist in the Searc...
Tastydir <= 1.2 (1216) Multiple Vulnerabilities
No description provided by source. Exploit Title: Tastydir = 1216 folder creation vuln Date: Oct 17 2010 Author: R Software Link: http://codecanyon.net/item/tastydir-an-ajax-file-manager-and-dir-listing/117167 Version: 1216 Tested on: Ubuntu 10.10 Information: Tastydir is a cross-platform PHP fil...
mcGalleryPRO <= 2006 (path_to_folder) Remote Include Vulnerability
No description provided by source. SolpotCrew Community Mcgallerypro pathtofolder Remote File Inclusion Download file : http://phpforums.net/mcgp/mcgp.zip/mcgp.zip Bug Found By :Solpot a.k.a k. Hasibuan 10-09-2006 contact: [email protected] Website :...
osDate (uploadvideos.php) Shell Upload Vulnerability
No description provided by source. ==================================================== osDate Upload Shell Vulnerability uploadvideos.php ==================================================== Date : 05/08/2010 Author : Xa7m3d Tested ON : ubuntu 9.10 MY Team : Currently no Software Link :...
RaakCMS Multiple Vulnerabilities
No description provided by source. Securitylab.ir Application Info: Name: RaakCms Vendor: http://raakcms.com Vulnerability: ======================= Arbitrary File Upload ======================= http://server/webmaster/pic.aspx select file and folder , your file upload here:...
Microsoft Windows XP/2000/NT 4 Shell Long Share Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10213/info Microsoft Windows operating systems have been reported to be prone to a remotely exploitable buffer overrun condition. This issue is exposed when a client attempts to connect to an SMB share with an overly long...
I-Gallery Folder Argument Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14002/info i-Gallery is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input to the 'folder' parameter of 'folderview.asp'. An attacker...
File Store PRO 3.2 - Multiple Blind SQL Injection Vulnerabilities
No description provided by source. | File Store PRO 3.2 Blind SQL Injection | || Download from: http://upoint.info/cgi/demo/fs/filestore.zip - Need admin rights: /confirm.php: code ifisset$GETfolder && $GETfolder!= $folder=$GETfolder; else exitBad Request; ifisset$GETid && $GETid!= $id=$GETid; el...
Sysax Multi Server 5.50 Create Folder BOF
No description provided by source. !/usr/bin/python Title: Sysax Multi Server 5.50 Create Folder BOF Author: Craig Freyman @cd1zz Tested on: XP SP3 32bit and Server 2003 SP2 32bitNo DEP Date Discovered: January 13, 2012 Vendor Contacted: January 15, 2012 Vendor Response: January 16, 2012 Vendor...
WeBid <= 0.7.3 RC9 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. ----------------------------------------------------------------------------------------- ECHOADV104$2009 WeBid = 0.7.3 RC9 Multiple Remote File Inclution Vulnerabilities -----------------------------------------------------------------------------------------...
QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Exploit
No description provided by source...
FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability
No description provided by source. Document Title: =============== FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1231 Release Date: ============= 2014-03-20 Vulnerability Laboratory ID VL-ID:...
JV2 Folder Gallery 3.0 0 - (download.php) Remote File Disclosure Exploit
No description provided by source. / Script Name :JV2 Folder Gallery Script site :www.jv2.net Discovered by :SaO Exploit Coded by :PeTrO Credits To soulreaver,Kuz3y Compile: Visual C++ or DevC++ / include stdio.h include string.h include winsock.h pragma commentlib,ws232.lib int mainint argc, cha...
Faceless: Tap Jacking Attack on Button Tags
UI Redressing Tap jacking attack may trick users into tapping a specifically crafted malicious App popup window e.g. toast view, making it a gateway for varied threats such as framing attack. Using this technique, a malicious App could potentially trick a user into making purchases, clicking on...
CVE-2014-3840
CVE-2014-3840 affects Mayan EDMS 0.13, with multiple stored XSS vulnerabilities in apps/common/templates/calculate_form_title.html. The issue allows remote authenticated users to inject arbitrary script/HTML via several vectors: (1) a tag, (2) the title of a source in a Staging folder, (3) the Na...
CVE-2014-3840
Multiple cross-site scripting XSS vulnerabilities in apps/common/templates/calculateformtitle.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a 1 tag or the 2 title of a source in a Staging folder, 3 Name field in a bootstrap setup, or Title fie...
CVE-2014-3840
Multiple cross-site scripting XSS vulnerabilities in apps/common/templates/calculateformtitle.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a 1 tag or the 2 title of a source in a Staging folder, 3 Name field in a bootstrap setup, or Title fie...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in apps/common/templates/calculateformtitle.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a 1 tag or the 2 title of a source in a Staging folder, 3 Name field in a bootstrap setup, or Title fie...
PYSEC-2014-110
Multiple cross-site scripting XSS vulnerabilities in apps/common/templates/calculateformtitle.html in Mayan EDMS 0.13 allow remote authenticated users to inject arbitrary web script or HTML via a 1 tag or the 2 title of a source in a Staging folder, 3 Name field in a bootstrap setup, or Title fie...