Lucene search
+L

340 matches found

Packet Storm
Packet Storm
added 2017/09/20 12:0 a.m.82 views

Pixie Image Editor 1.7 Server-Side Request Forgery

Pixie image Editor SSRF vulnerability for CVE-2017-12905 title: Pixie image Editor SSRF vulnerability for CVE-2017-12905 Date: 20/09/2017 Vulnerability TypePSo SSRFServer Side Request Forgery Vendor of ProductPSo vebtoPS"vebto.comPSc Attack TypePSo Remote ImpactPSo Importent AuthorPSoBeiJing...

0.2AI score0.02642EPSS
Exploits2
CNVD
CNVD
added 2017/06/17 12:0 a.m.1 views

OV3 Online Administration Remote Code Execution Vulnerability

OV3 Online Administration is an online administration platform. A remote code execution vulnerability exists in OV3 Online Administration. The vulnerability is due to the validation of an uploaded file in the 'imageeditor.php' script via the 'userfile' POST parameter. This allows an attacker to...

8.6AI score
Exploits0References1
0day.today
0day.today
added 2017/05/31 12:0 a.m.47 views

OV3 Online Administration 3.0 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications !-- OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2017/05/31 12:0 a.m.35 views

OV3 Online Administration 3.0 - Remote Code Execution

OV3 Online Administration 3.0 - Remote Code Execution !-- OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data...

0.1AI score
Exploits0
Prion
Prion
added 2017/05/23 4:29 a.m.23 views

Unrestricted file upload

Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

7.5CVSS8.3AI score0.40595EPSS
Exploits3References2Affected Software1
Cvelist
Cvelist
added 2017/05/23 3:56 a.m.33 views

CVE-2015-4455

Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

9.8AI score0.40595EPSS
Exploits3References2
0day.today
0day.today
added 2017/05/03 12:0 a.m.45 views

concrete5 8.1.0 Thumbnail Editor CSRF Vulnerability

Exploit for php platform in category web applications +-------------------------------------------------------------+ | Vulnerable Software: Concrete5 CMS | | Vendor: http://www.concrete5.org/ | | Vulnerability Type: CSRF to DoS disables installation | | Date Released: 23/04/2017 | | Released by:...

4.3CVSS6.6AI score0.012EPSS
Exploits3
Packet Storm
Packet Storm
added 2017/05/02 12:0 a.m.50 views

concrete5 8.1.0 Thumbnail Editor CSRF / DoS

| \ | \ | | | | | | / \ | | | |/ / | |/ / | | | | | | | | | / / | | | / | / | | | | | | | | | | | | | | | |\ \ \ / / // / | | | /\ | | | | | / / / / / | | | \ | | / | | | / \ | | | | | \ | | | | \ \ / / | | | | | \ --. | | | / / | | | | | |/ / | | | | \ V / | | | . | --. \ | | | | | |...

4.3CVSS6.4AI score0.012EPSS
Exploits3
NVD
NVD
added 2016/11/03 10:59 a.m.14 views

CVE-2016-7453

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...

9.8CVSS9.6AI score0.0149EPSS
Exploits0References2
OSV
OSV
added 2016/11/03 10:59 a.m.7 views

CVE-2016-7453

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...

9.8CVSS7.3AI score
Exploits0References2
NVD
NVD
added 2016/11/03 10:59 a.m.14 views

CVE-2016-7452

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...

7.5CVSS7.4AI score0.01672EPSS
Exploits0References3
OSV
OSV
added 2016/11/03 10:59 a.m.9 views

CVE-2016-7452

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...

7.5CVSS6.5AI score
Exploits0References3
Prion
Prion
added 2016/11/03 10:59 a.m.13 views

Sql injection

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...

7.5CVSS7.6AI score0.0149EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2016/11/03 10:59 a.m.15 views

Directory traversal

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...

5CVSS6.8AI score0.01672EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2016/11/03 10:0 a.m.51 views

CVE-2016-7453

CVE-2016-7453 affects Exponent CMS prior to v2.3.9 patch 2, due to SQL injection in the Pixidou Image Editor component. The vulnerability arises from inadequate input filtering in the editor module, enabling an attacker to perform an SQL injection that could compromise the application and its dat...

9.8CVSS9.6AI score0.0149EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2016/11/03 10:0 a.m.24 views

CVE-2016-7452

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...

7.6AI score0.01672EPSS
Exploits0References3
Cvelist
Cvelist
added 2016/11/03 10:0 a.m.22 views

CVE-2016-7453

The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...

9.7AI score0.0149EPSS
Exploits0References2
CVE
CVE
added 2016/11/03 10:0 a.m.44 views

CVE-2016-7452

Exponent CMS is affected by a directory traversal vulnerability in the Pixidou Image Editor component, tracked as CVE-2016-7452. The issue allows uploading a malicious file to any folder on the site via a cpi directory traversal vector, affecting Exponent CMS prior to v2.3.9 patch 2. The known re...

7.5CVSS7.8AI score0.01672EPSS
Exploits0References3Affected Software1
RedHat Linux
RedHat Linux
added 2016/11/03 8:9 a.m.5 views

gimp: Use-after-free vulnerabilities in the channel and layer properties parsing process

Multiple use-after-free vulnerabilities were found in GIMP in the channel and layer properties parsing process when loading XCF files. An attacker could create a specially crafted XCF file which could cause GIMP to crash...

7.8CVSS5.8AI score0.03113EPSS
Exploits0References4
hackapp
hackapp
added 2016/04/01 9:20 a.m.20 views

Image Editor - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities

HackApp vulnerability scanner discovered that application Image Editor published at the 'play' market has multiple vulnerabilities...

0.6AI score
Exploits0References1Affected Software1
Rows per page
Query Builder