EUVD-2008-2826

Malware in sbrugna...

CVE-2008-2833

admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters...

Authentication flaw

admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters...

CVE-2008-2833

CVE-2008-2833 affects le.cms versions 1.4 and earlier. The admin/upload.php endpoint allows remote attackers to bypass administrative authentication and to upload and execute arbitrary files in the images/ directory by sending a nonzero submit0 value together with filenames in the filename and up...

CVE-2008-2833

admin/upload.php in le.cms 1.4 and earlier allows remote attackers to bypass administrative authentication, and upload and execute arbitrary files in images/, via a nonzero value for the submit0 parameter in conjunction with filenames in the filename and upload parameters...

lecms-upload.txt

!/usr/bin/perl use strict; use warnings; use LWP::UserAgent; use HTTP::Request::Common; print ; print "\nEnter Local File Path To Uploadie: C:\file.txt: "; chompmy $file=; my $ext = substr $file, rindex $file, '.'; my $fname = int rand 9999; my $ua = LWP::UserAgent-new agent = 'Mozilla/4.0...

LE.CMS <= 1.4 Remote Arbitrary File Upload Exploit

Exploit for unknown platform in category web applications ================================================== LE.CMS ; print "\nEnter Local File Path To Uploadie: C:\file.txt: "; chompmy $file=; my $ext = substr $file, rindex $file, '.'; my $fname = int rand 9999; my $ua = LWP::UserAgent-new agent...