158 matches found
ACDSee Free User Mode Write Access Conflict Vulnerability
ACDSee is an image manager, viewer and editor program for Windows, macOS and iOS developed by ACD Systems International.ACDSee Free is the free version of ACDSee. ACDSee Free 1.1.21 suffers from a user mode write access conflict vulnerability starting at...
PhreeBooks ERP 5.2.3 - Arbitrary File Upload Exploit
Exploit for php platform in category web applications PhreeBooks ERP v5.2.3 - Arbitrary File Upload Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/files/latest/download Category: Webapps Version: 5.2.3 Tested...
PhreeBooks ERP 5.2.3 - Remote Command Execution
PhreeBooks ERP 5.2.3 - Remote Command Execution Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Date: 2010-04-03 Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3...
PhreeBooks ERP 5.2.3 Remote Command Execution
Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Date: 2010-04-03 Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category: Webapps Tested on: XAMPP for Linux 5.6.38...
PhreeBooks ERP 5.2.3 - Arbitrary File Upload
PhreeBooks ERP v5.2.3 - Arbitrary File Upload Date: 03.04.2019 Exploit Author: Abdullah Çelebi Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/files/latest/download Category: Webapps Version: 5.2.3 Tested on: WAMPP @Win Software description:...
PhreeBooks ERP 5.2.3 - Remote Command Execution (1)
Exploit Title: PhreeBooks ERP 5.2.3 - Remote Command Execution Date: 2010-04-03 Exploit Author: Metin Yunus Kandemir kandemir Vendor Homepage: https://www.phreesoft.com/ Software Link: https://sourceforge.net/projects/phreebooks/ Version: v5.2.3 Category: Webapps Tested on: XAMPP for Linux 5.6.38...
Joomla JCE 2.6.33 Arbitrary File Upload
Exploit Title : Joomla Content Editor JCE comjce Components Image Manager Plugin 2.6.33 Remote File Upload Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Vulnerability Published Date : 30/11/2018 Vulnerability First Discovered Date : 10/03/2014 Vendor...
Improving Image Manager with Real User Feedback
Steve Krug, a well-known user experience professional, has been quoted on many occasions for saying, "Don't make me think." It's true that users shouldn't have to puzzle around to find what they're looking for or to complete a task. Product usability is equally important to fancy features and...
XOOPS Core imagemanager.php cross-site scripting vulnerability
XOOPS is XOOPS team development and maintenance of a set of open source PHP and MySQL based content management system . A cross-site scripting vulnerability exists in XOOPS imagemanager.php, which allows remote attackers to exploit the vulnerability to inject malicious script or HTML code, which...
CVE-2012-0984
Multiple cross-site scripting XSS vulnerabilities in XOOPS before 2.5.5 allow remote attackers to inject arbitrary web script or HTML via the 1 touserid parameter to modules/pm/pmlite.php or the 2 currentfile, 3 imgcatid, or 4 target parameter to...
Log1 CMS writeInfo() PHP Code Injection
No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...
Mambo MOStlyCE Module 2.4 Image Manager Utility Arbitrary File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27472/info The MOStlyCE module for Mambo is prone to an arbitrary-file-upload vulnerability because the application fails to sufficiently sanitize user-supplied input. Exploiting this issue could allow an attacker to uplo...
JCE Joomla Extension <= 2.0.10 - Multiple Vulnerabilities
No description provided by source. www.BugReport.ir AmnPardaz Security Research Team Title: JCE Joomla Extension =2.0.10 Multiple Vulnerabilities Vendor: www.joomlacontenteditor.net Exploit: Available Vulnerable Version: 2.0.10 Image Manager 1.5.7.13, Media Manager 1.5.6.3, Template Manager 1.5.5...
Ajax File and Image Manager 1.0 Final - Remote Code Execution Vulnerability
No description provided by source. -------------------------------------------------------------------------- Ajax File and Image Manager v1.0 Final Remote Code Execution Vulnerability -------------------------------------------------------------------------- author...........: Egidio Romano aka...
Ajax File and Image Manager 'search_folder'参数目录遍历漏洞
Bugtraq ID:66071 Ajax File and Image Manager是一款远程文件和图像管理工具。 Ajax File and Image Manager搜索功能不正确处理"searchfolder"参数数据,允许远程利用漏洞提交目录遍历请求,以WEB权限查看敏感文件信息。 0 Ajax File and Image Manager 目前没有详细解决方案提供: http://www.phpletter.com/...
CVE-2014-2092
Cross-site scripting XSS vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action parameter, a different issue than CVE-2014-0334. NOTE: the original disclosure also reported issues that...
Log1 CMS writeInfo() PHP Code Injection (CVE-2011-4825)
A PHP code injection vulnerability has been reported in the "Ajax File and Image Manager" component in log1 CMS. A remote attacker could inject arbitrary PHP code into data.php via crafted parameters...
[PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager
----------------------------------------------------------- PT-2013-41 Positive Technologies Security Advisory Arbitrary Code Execution in Ajax File and Image Manager ----------------------------------------------------------- --- Vulnerable software Ajax File and Image Manager Version: 1.1 and...
Ajax File And Image Manager 1.1 Code Execution
----------------------------------------------------------- PT-2013-41 Positive Technologies Security Advisory Arbitrary Code Execution in Ajax File and Image Manager ----------------------------------------------------------- --- Vulnerable software Ajax File and Image Manager Version: 1.1 and...
Moxiecode Image Manager 3.1.5 XSS / Content Spoofing / Disclosure
Hello list! I want to warn you about vulnerabilities in Moxiecode Image Manager MCImageManager. This is commercial plugin for TinyMCE. It concerns as MCImageManager, as all web applications which have MCImageManager in their bundle. These are Content Spoofing, Cross-Site Scripting and Full Path...