Lucene search
+L

44 matches found

Cvelist
Cvelist
added 2012/12/03 9:0 p.m.41 views

CVE-2012-5450

Cross-site request forgery CSRF vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple CMSMS 1.11.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deld parameter...

7.1AI score0.0087EPSS
Exploits3References7
Packet Storm
Packet Storm
added 2012/12/01 12:0 a.m.24 views

Tinymcpuk 0.3 Cross Site Scripting

================================================================= tinymcpuk xss vulnerability ================================================================= Exploit Title: tinymcpuk xss vulnerability Google Dork: n/a Date: 1/12/2012 GMT+7 Exploit Author: eidelweiss @randyarios Vendor Homepage:...

7.4AI score
Exploits0
FreeBSD
FreeBSD
added 2012/04/14 12:0 a.m.19 views

phpmyfaq -- Remote PHP Code Execution Vulnerability

The phpMyFAQ project reports: The bundled ImageManager library allows injection of arbitrary PHP code to execute arbitrary PHP code and upload malware and trojan horses...

5.7AI score
Exploits0References1
0day.today
0day.today
added 2012/02/18 12:0 a.m.20 views

Mitra Iranian CMS Remote File Upload

Exploit for php platform in category web applications Exploit Title: Mitra Iranian CMS Remote File Upload Google Dork: inurl:/plugins/editors/xinha/plugins/ImageManager/ Date: 2012/02/19 Author: BHG Security Center Discovered by : Nitrojen90 WebSite:WwW.Black-hg.Org Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/01/22 12:0 a.m.43 views

miniCMS v1.0 => v2.0 Arbitrary File Upload

Exploit for php platform in category web applications Title : miniCMS v1.0 = v2.0 Arbitrary File Upload Author : Or4nG.M4n Version : all version GDork : "This site is managed using MiniCMSŠ" Download : http://sourceforge.net/projects/mini-cms/files/mini-cms/ Thnks :...

7.1AI score
Exploits0
FreeBSD
FreeBSD
added 2011/10/25 12:0 a.m.13 views

phpmyfaq -- Remote PHP Code Injection Vulnerability

The phpMyFAQ project reports: The phpMyFAQ Team has learned of a serious security issue that has been discovered in our bundled ImageManager library we use in phpMyFAQ 2.6 and 2.7. The bundled ImageManager library allows injection of arbitrary PHP code via POST requests...

3.4AI score
Exploits0References2
Packet Storm
Packet Storm
added 2011/01/24 12:0 a.m.19 views

WordPress Media Manager Shell Upload

Exploit Title: Wordpress media Manager Plugins Shell Upload Vulnerability Date: 22/01/2011 Author: PenetraDz AuthorEmail:[email protected] Home:Algeria Tested on: Win Xp sp3 En Google Dork: inurl:"/plugins/ImageManager/manager.php" manager/media/editor/plugins/ImageManager/manager.php insert...

0.6AI score
Exploits0
0day.today
0day.today
added 2010/05/13 12:0 a.m.21 views

migascms "Xinha" Plugin Configuration Injection Vulnerability

Exploit for php platform in category web applications ============================================================= migascms "Xinha" Plugin Configuration Injection Vulnerability =============================================================...

7.1AI score
Exploits0
CVE
CVE
added 2010/05/12 12:0 a.m.58 views

CVE-2010-1916

The CVE-2010-1916 entry affects the Xinha WYSIWYG editor (0.96 Beta 2 and earlier) used in Serendipity 1.5.2 and older. The vulnerability arises in the dynamic configuration feature, where (1) backend_config_secret_key_location and backend_config_hash (used in a SHA1 hash of a shared secret that ...

7.5CVSS7.3AI score0.03262EPSS
Exploits1References9Affected Software2
0day.today
0day.today
added 2010/04/16 12:0 a.m.31 views

Wordpress xinha4wp xinha_core plugins File Upload Vulnerability

Exploit for php platform in category web applications =============================================================== Wordpress xinha4wp xinhacore plugins File Upload Vulnerability =============================================================== Author : Hackeri-AL Contact : h-al at hotmail dot it...

7.1AI score
Exploits0
0day.today
0day.today
added 2009/12/05 12:0 a.m.30 views

Wordpress Image Manager Plugins Shell Upload Vulnerability

Exploit for unknown platform in category web applications ========================================================== Wordpress Image Manager Plugins Shell Upload Vulnerability ========================================================== Exploit Title: Wordpress Image Manager Plugins Shell Upload...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2007/05/30 10:0 a.m.22 views

CVE-2007-2901

Multiple cross-site scripting XSS vulnerabilities in Dokeos 1.8.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the img parameter to main/inc/lib/fckeditor/editor/plugins/ImageManager/editor.php and other unspecified vectors...

5.8AI score0.01835EPSS
Exploits0References6
Prion
Prion
added 2007/03/27 1:19 a.m.17 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in the SWmenu comswmenupro and comswmenufree 4.0 component for Mambo and Joomla! allow remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter to ImageManager/Classes/ImageManager.php under the 1 components...

10CVSS8.2AI score0.10574EPSS
Exploits1References6Affected Software1
0day.today
0day.today
added 2007/03/23 12:0 a.m.54 views

Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability

Exploit for unknown platform in category web applications ======================================================= Joomla/Mambo Component SWmenuFree 4.0 RFI Vulnerability ======================================================= MAMBO Modules SWmenu 4.0 ImageManager.php Remote File Include...

7.1AI score
Exploits0
Cvelist
Cvelist
added 2006/07/20 11:0 p.m.20 views

CVE-2006-3751

PHP remote file inclusion vulnerability in popups/ImageManager/config.inc.php in the HTMLArea3 Addon Component comhtmlarea3xtd-c for ImageManager 1.5 allows remote attackers to execute arbitrary PHP code via a URL in the mosConfigabsolutepath parameter...

7.6AI score0.05529EPSS
Exploits1References6
CVE
CVE
added 2006/07/20 11:0 p.m.52 views

CVE-2006-3751

CVE-2006-3751 affects the ImageManager 1.5 stack via the HTMLArea3 Addon Component (com_htmlarea3_xtd-c). The vulnerability is a PHP remote file inclusion: an attacker can supply a URL in the mosConfig_absolute_path parameter to cause the server to include and execute PHP code remotely. The NVD d...

6.8CVSS7.6AI score0.05529EPSS
Exploits1References6Affected Software1
0day.today
0day.today
added 2006/07/17 12:0 a.m.35 views

HTMLArea3 Mambo Module <= 1.5 Remote Include Vulnerability

Exploit for unknown platform in category web applications ========================================================== HTMLArea3 Mambo Module = 1.5 Remote Include Vulnerability ========================================================== HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/07/17 12:0 a.m.28 views

HTMLArea3 Mambo Module &lt;= 1.5 Remote Include Vulnerability

No description provided by source. HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2006/07/17 12:0 a.m.26 views

Mambo Module HTMLArea3 1.5 - Remote File Inclusion

Mambo Module HTMLArea3 1.5 - Remote File Inclusion HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where :...

0.1AI score
Exploits0
Exploit DB
Exploit DB
added 2006/07/17 12:0 a.m.137 views

Mambo Module HTMLArea3 1.5 - Remote File Inclusion

HTMLArea3 addon - ImageManager Author : Ahmad Maulana a.k.a Matdhule Date : July 12th 2006 Location : Indonesia, Jakarta Web : http://advisories.echo.or.id/adv/adv38-matdhule-2006.txt Critical Lvl : Highly critical Impact : System access Where : From Remote...

7AI score
Exploits0
Rows per page
Query Builder