6 matches found
EUVD-2007-5034
Malware in sbrugna...
EUVD-2013-1857
Malware in sbrugna...
CVE-2015-8832
Dotclear before 2.8.2 has multiple incomplete blacklist vulnerabilities in inc/core/class.dc.core.php that allow remote authenticated users with the permissions to “manage their own media items” and “manage their own entries and comments” to upload a file with a (1) .pht, (2) .phps, or (3) .phtml...
CVE-2013-1850
CVE-2013-1850 affects ownCloud Server prior to 4.0.13 and prior to 4.5.8 (4.5.x). The vulnerability is an incomplete blacklist in apps/contacts/import.php and apps/contacts/ajax/uploadimport.php that allows authenticated remote users to upload a .htaccess file and thereby achieve arbitrary PHP co...
Input validation
Multiple incomplete blacklist vulnerabilities in the Simple File Upload modsimplefileuploadv1.3 module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a 1 php5, 2 php6, or 3 double e.g. .php.jpg extension, then accessing it via a direct request t...
CVE-2011-5148
Multiple incomplete blacklist vulnerabilities in the Simple File Upload modsimplefileuploadv1.3 module before 1.3.5 for Joomla! allow remote attackers to execute arbitrary code by uploading a file with a 1 php5, 2 php6, or 3 double e.g. .php.jpg extension, then accessing it via a direct request t...