340 matches found
Pixie Image Editor 1.7 Server-Side Request Forgery
Pixie image Editor SSRF vulnerability for CVE-2017-12905 title: Pixie image Editor SSRF vulnerability for CVE-2017-12905 Date: 20/09/2017 Vulnerability TypePSo SSRFServer Side Request Forgery Vendor of ProductPSo vebtoPS"vebto.comPSc Attack TypePSo Remote ImpactPSo Importent AuthorPSoBeiJing...
OV3 Online Administration Remote Code Execution Vulnerability
OV3 Online Administration is an online administration platform. A remote code execution vulnerability exists in OV3 Online Administration. The vulnerability is due to the validation of an uploaded file in the 'imageeditor.php' script via the 'userfile' POST parameter. This allows an attacker to...
OV3 Online Administration 3.0 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications !-- OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data...
OV3 Online Administration 3.0 - Remote Code Execution
OV3 Online Administration 3.0 - Remote Code Execution !-- OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data...
Unrestricted file upload
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...
CVE-2015-4455
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...
concrete5 8.1.0 Thumbnail Editor CSRF Vulnerability
Exploit for php platform in category web applications +-------------------------------------------------------------+ | Vulnerable Software: Concrete5 CMS | | Vendor: http://www.concrete5.org/ | | Vulnerability Type: CSRF to DoS disables installation | | Date Released: 23/04/2017 | | Released by:...
concrete5 8.1.0 Thumbnail Editor CSRF / DoS
| \ | \ | | | | | | / \ | | | |/ / | |/ / | | | | | | | | | / / | | | / | / | | | | | | | | | | | | | | | |\ \ \ / / // / | | | /\ | | | | | / / / / / | | | \ | | / | | | / \ | | | | | \ | | | | \ \ / / | | | | | \ --. | | | / / | | | | | |/ / | | | | \ V / | | | . | --. \ | | | | | |...
CVE-2016-7453
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...
CVE-2016-7453
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...
CVE-2016-7452
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...
CVE-2016-7452
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...
Sql injection
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...
Directory traversal
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...
CVE-2016-7453
CVE-2016-7453 affects Exponent CMS prior to v2.3.9 patch 2, due to SQL injection in the Pixidou Image Editor component. The vulnerability arises from inadequate input filtering in the editor module, enabling an attacker to perform an SQL injection that could compromise the application and its dat...
CVE-2016-7452
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal...
CVE-2016-7453
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection...
CVE-2016-7452
Exponent CMS is affected by a directory traversal vulnerability in the Pixidou Image Editor component, tracked as CVE-2016-7452. The issue allows uploading a malicious file to any folder on the site via a cpi directory traversal vector, affecting Exponent CMS prior to v2.3.9 patch 2. The known re...
gimp: Use-after-free vulnerabilities in the channel and layer properties parsing process
Multiple use-after-free vulnerabilities were found in GIMP in the channel and layer properties parsing process when loading XCF files. An attacker could create a specially crafted XCF file which could cause GIMP to crash...
Image Editor - Customized SSL, Dangerous filesystem permissions, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application Image Editor published at the 'play' market has multiple vulnerabilities...