
1986 matches found

exploitpack, added 2015/02/19 12:00 a.m., 39 views

jQuery - jui_filter_rules PHP Code Execution

jQuery - jui_filter_rules PHP Code Execution. PHP Code Execution in jui_filter_rules Parsing Library. Researcher: Timo Schmid. Description: jui_filter_rules [1] is a jQuery plugin which allows...

AI score: 0.1 | Exploits: 0
Drupal, added 2015/02/18 12:00 a.m., 15 views

SA-CONTRIB-2015-048 - Avatar Uploader - Arbitrary PHP code execution

Avatar Uploader module provides an alternative way to upload user pictures. The module doesn't sufficiently enforce file extensions when an avatar is uploaded, allowing users to bypass Drupal's normal file upload protections to install malicious HTML or executable code to the server. This...

CVSS: 6.5 | AI score: 7 | EPSS: 0.00442 | Exploits: 0 | References: 11
Packet Storm, added 2015/02/18 12:00 a.m., 42 views

jQuery jui_filter_rules PHP Code Execution

PHP Code Execution in jui_filter_rules Parsing Library. Researcher: Timo Schmid. Description: jui_filter_rules [1] is a jQuery plugin which allows users to generate a ruleset which could be...

AI score: 0.1 | Exploits: 0
CVE, added 2015/02/11 7:00 p.m., 66 views

CVE-2015-1172

The CVE-2015-1172 entry describes an Unrestricted File Upload vulnerability in WordPress Holding Pattern Theme (Holding Pattern) 0.6 and earlier, due to a faulty admin/upload-file.php that permits uploading PHP files without validation. A remote attacker can upload a PHP payload and trigger arbit...

CVSS: 7.5 | AI score: 7.7 | EPSS: 0.81153 | Exploits: 6 | References: 3 | Affected Software: 1
Saint, added 2015/01/29 12:00 a.m., 26 views

WP Symposium Plugin for WordPress Arbitrary File Upload

Added: 01/29/2015. BID: 71686. OSVDB: 116046. Background: WP Symposium is a social network plugin for WordPress. Problem: WP Symposium Plugin for WordPress contains a vulnerability that allows a remote attacker to execute arbitrary PHP code. This vulnerability is due to the...

AI score: 8.2 | Exploits: 0
NVD, added 2015/01/07 6:59 p.m., 12 views

CVE-2014-9567

Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/...

CVSS: 7.5 | AI score: 7.6 | EPSS: 0.82894 | Exploits: 1 | References: 5
CVE, added 2015/01/07 6:00 p.m., 50 views

CVE-2014-9567

ProjectSend (formerly cFTP) is affected by CVE-2014-9567 via an Unrestricted file upload in process-upload.php, spanning r100–r561. A remote attacker can upload a PHP file and access it in upload/files/ or upload/temp/ to execute arbitrary PHP code. Impact is described as remote code execution wi...

CVSS: 7.5 | AI score: 7.9 | EPSS: 0.82894 | Exploits: 1 | References: 5 | Affected Software: 1
OpenVAS, added 2015/01/05 12:00 a.m., 41 views

Debian: Security Advisory (DSA-3120-1)

The remote host is missing an update for the Debian... SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS: 7.5 | AI score: 5.6 | EPSS: 0.80388 | Exploits: 16 | References: 3
UbuntuCve, added 2014/12/08 4:59 p.m., 26 views

CVE-2014-9280

The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter...

CVSS: 7.5 | AI score: 6.2 | EPSS: 0.00996 | Exploits: 1 | References: 7
OpenVAS, added 2014/11/25 12:00 a.m., 37 views

MantisBT <= 1.2.17 Multiple Vulnerabilities

MantisBT is prone to multiple vulnerabilities. Copyright (C) 2014 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS: 7.5 | AI score: 6 | EPSS: 0.00996 | Exploits: 6 | References: 11
OSV, added 2014/11/21 12:44 p.m., 6 views

MGASA-2014-0468 Updated php-smarty packages fix security vulnerabilities

Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception (CVE-2012-4437). Smarty before 3.1.21 allows remote attackers to bypass t...

CVSS: 7.5 | AI score: 6 | EPSS: 0.0057 | Exploits: 1 | References: 3
Mageia, added 2014/11/21 12:44 p.m., 28 views

Updated php-smarty packages fix security vulnerabilities

Cross-site scripting (XSS) vulnerability in the SmartyException class in Smarty (aka smarty-php) before 3.1.12 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors that trigger a Smarty exception (CVE-2012-4437). Smarty before 3.1.21 allows remote attackers to bypass t...

CVSS: 7.5 | AI score: 6.2 | EPSS: 0.0057 | Exploits: 1 | References: 2
NVD, added 2014/11/20 1:55 p.m., 12 views

CVE-2014-8998

lib/message.php in X7 Chat 2.0.0 through 2.0.5.1 allows remote authenticated users to execute arbitrary PHP code via a crafted HTTP header to index.php, which is processed by the preg_replace function with the eval switch...

CVSS: 6.5 | AI score: 7.2 | EPSS: 0.66001 | Exploits: 2 | References: 4
CVE, added 2014/11/20 11:00 a.m., 44 views

CVE-2014-8998

CVE-2014-8998 affects X7 Chat, specifically vulnerable in lib/message.php across versions 2.0.0–2.0.5.1. The issue allows a remote authenticated user to execute arbitrary PHP code by sending a crafted HTTP header to index.php, where the header is processed by preg_replace with the /e modifier. Th...

CVSS: 6.5 | AI score: 7.4 | EPSS: 0.66001 | Exploits: 2 | References: 4 | Affected Software: 1
seebug.org, added 2014/11/13 12:00 a.m., 37 views

Croogo 2.0.0 - Arbitrary PHP Code Execution Exploit

No description provided by source. #!/usr/bin/env python. Croogo 2.0.0 Arbitrary PHP Code Execution Exploit. Vendor: Fahad Ibnay Heylaal. Product web page: http://www.croogo.org. Affected version: 2.0.0. Summary: Croogo is a free, open source, content management system for PHP, released under The MIT...

AI score: 7.1 | Exploits: 0
Exploit DB, added 2014/11/06 12:00 a.m., 21 views

X7 Chat 2.0.5 - 'message.php' PHP Code Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download. Current source: https://github.com/rapid7/metasploit-framework. require 'msf/core'; class Metasploit3 ... 'X7 Chat 2.0.5 lib/message.php preg_replace PHP Code Execution', 'Description' => %q{This module exploits a post-auth vulnerability fou...

AI score: 7.4 | Exploits: 0
Check Point Advisories, added 2014/11/05 12:00 a.m., 3 views

activeCollab Chat Module Arbitrary PHP Code Execution (CVE-2012-6554)

A code execution vulnerability exists in the Chat module for activeCollab. The vulnerability is due to a flaw that is triggered by the preg_replace function. A remote attacker may exploit this vulnerability by evaluating a string with complex curly syntax, allowing for the execution of arbitrary code...

CVSS: 6.5 | AI score: 4.5 | EPSS: 0.6269 | Exploits: 2
OSV, added 2014/11/03 4:55 p.m., 5 views

CVE-2014-8350

Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...

AI score: 7.2 | Exploits: 0 | References: 8
Cvelist, added 2014/11/03 4:00 p.m., 12 views

CVE-2014-8350

Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...

AI score: 7.2 | EPSS: 0.00473 | Exploits: 1 | References: 8
Packet Storm, added 2014/10/13 12:00 a.m., 41 views

Croogo 2.0.0 Arbitrary PHP Code Execution

#!/usr/bin/env python. Croogo 2.0.0 Arbitrary PHP Code Execution Exploit. Vendor: Fahad Ibnay Heylaal. Product web page: http://www.croogo.org. Affected version: 2.0.0. Summary: Croogo is a free, open source, content management system for PHP, released under The MIT License. It is powered by CakePHP MV...

AI score: 0.3 | Exploits: 0