44 matches found
CVE-2012-5450
Cross-site request forgery CSRF vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple CMSMS 1.11.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deld parameter...
Tinymcpuk 0.3 Cross Site Scripting
================================================================= tinymcpuk xss vulnerability ================================================================= Exploit Title: tinymcpuk xss vulnerability Google Dork: n/a Date: 1/12/2012 GMT+7 Exploit Author: eidelweiss @randyarios Vendor Homepage:...
phpmyfaq -- Remote PHP Code Execution Vulnerability
The phpMyFAQ project reports: The bundled ImageManager library allows injection of arbitrary PHP code to execute arbitrary PHP code and upload malware and trojan horses...
Mitra Iranian CMS Remote File Upload
Exploit for php platform in category web applications Exploit Title: Mitra Iranian CMS Remote File Upload Google Dork: inurl:/plugins/editors/xinha/plugins/ImageManager/ Date: 2012/02/19 Author: BHG Security Center Discovered by : Nitrojen90 WebSite:WwW.Black-hg.Org Software Link:...
miniCMS v1.0 => v2.0 Arbitrary File Upload
Exploit for php platform in category web applications Title : miniCMS v1.0 = v2.0 Arbitrary File Upload Author : Or4nG.M4n Version : all version GDork : "This site is managed using MiniCMSŠ" Download : http://sourceforge.net/projects/mini-cms/files/mini-cms/ Thnks :...
phpmyfaq -- Remote PHP Code Injection Vulnerability
The phpMyFAQ project reports: The phpMyFAQ Team has learned of a serious security issue that has been discovered in our bundled ImageManager library we use in phpMyFAQ 2.6 and 2.7. The bundled ImageManager library allows injection of arbitrary PHP code via POST requests...
WordPress Media Manager Shell Upload
Exploit Title: Wordpress media Manager Plugins Shell Upload Vulnerability Date: 22/01/2011 Author: PenetraDz AuthorEmail:[email protected] Home:Algeria Tested on: Win Xp sp3 En Google Dork: inurl:"/plugins/ImageManager/manager.php" manager/media/editor/plugins/ImageManager/manager.php insert...
migascms "Xinha" Plugin Configuration Injection Vulnerability
Exploit for php platform in category web applications ============================================================= migascms "Xinha" Plugin Configuration Injection Vulnerability =============================================================...
CVE-2010-1916
The CVE-2010-1916 entry affects the Xinha WYSIWYG editor (0.96 Beta 2 and earlier) used in Serendipity 1.5.2 and older. The vulnerability arises in the dynamic configuration feature, where (1) backend_config_secret_key_location and backend_config_hash (used in a SHA1 hash of a shared secret that ...
Wordpress xinha4wp xinha_core plugins File Upload Vulnerability
Exploit for php platform in category web applications =============================================================== Wordpress xinha4wp xinhacore plugins File Upload Vulnerability =============================================================== Author : Hackeri-AL Contact : h-al at hotmail dot it...
Wordpress Image Manager Plugins Shell Upload Vulnerability
Exploit for unknown platform in category web applications ========================================================== Wordpress Image Manager Plugins Shell Upload Vulnerability ========================================================== Exploit Title: Wordpress Image Manager Plugins Shell Upload...
CVE-2007-2901
Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the img parameter to main/inc/lib/fckeditor/editor/plugins/ImageManager/editor.php and other unspecified vectors...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in the SWmenu comswmenupro and comswmenufree 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to ImageManager/Classes/ImageManager.php under the 1 components...
Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability
Exploit for unknown platform in category web applications ======================================================= Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability ======================================================= MAMBO Modules SWmenu 4.0 ImageManager.php Remote File Include...
CVE-2006-3751
PHP remote file inclusion vulnerability in popups/ImageManager/config.inc.php in the HTMLArea3 Addon Component comhtmlarea3xtd-c for ImageManager 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...
CVE-2006-3751
CVE-2006-3751 affects the ImageManager 1.5 stack via the HTMLArea3 Addon Component (com_htmlarea3_xtd-c). The vulnerability is a PHP remote file inclusion: an attacker can supply a URL in the mosConfig_absolute_path parameter to cause the server to include and execute PHP code remotely. The NVD d...
HTMLArea3 Mambo Module <= 1.5 Remote Include Vulnerability
Exploit for unknown platform in category web applications ========================================================== HTMLArea3 Mambo Module = 1.5 Remote Include Vulnerability ========================================================== HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a...
HTMLArea3 Mambo Module <= 1.5 Remote Include Vulnerability
No description provided by source. HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote...
Mambo Module HTMLArea3 1.5 - Remote File Inclusion
Mambo Module HTMLArea3 1.5 - Remote File Inclusion HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where :...
Mambo Module HTMLArea3 1.5 - Remote File Inclusion
HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote...