Lucene search

7221 matches found

NVD
added 2015/09/16 2:59 p.m. | 11 views

CVE-2015-6968

Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension...

CVSS 6.5 | AI score 7.4 | EPSS 0.02071
Exploits: 1 | References: 4
Prion
added 2015/09/16 2:59 p.m. | 12 views

Input validation

Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension...

CVSS 6.5 | AI score 7.9 | EPSS 0.02071
Exploits: 1 | References: 4 | Affected Software: 1
UbuntuCve
added 2015/09/16 2:59 p.m. | 19 views

CVE-2015-6968

Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension...

CVSS 6.5 | AI score 6 | EPSS 0.02071
Exploits: 1 | References: 5
Cvelist
added 2015/09/16 2:0 p.m. | 25 views

CVE-2015-6968

Multiple incomplete blacklist vulnerabilities in the serendipity_isActiveFile function in include/functions_images.inc.php in Serendipity before 2.0.2 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .pht or (2) .phtml extension...

AI score 7.4 | EPSS 0.02071
Exploits: 1 | References: 4
CVE
added 2015/09/16 2:0 p.m. | 49 views

CVE-2015-6968

CVE-2015-6968 affects Serendipity before 2.0.2. The root cause is an incomplete blacklist in the function serendipity_isActiveFile (include/functions_images.inc.php), allowing remote authenticated users to upload a file with a ".pht" or ".phtml" extension and execute arbitrary PHP code. Public ad...

CVSS 6.5 | AI score 7.5 | EPSS 0.02071
Exploits: 1 | References: 4 | Affected Software: 1
Exploit DB
added 2015/09/15 12:0 a.m. | 37 views

CMS Bolt - Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'CMS Bolt File Upload Vulnerability', 'Description' = %q Bolt CMS contains a flaw that allows an authenticated remote attacker to...

AI score 7
Exploits: 0
Metasploit
added 2015/09/09 4:41 p.m. | 38 views

CMS Bolt File Upload Vulnerability

Bolt CMS contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This module was tested on version 2.2.4. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'CMS...

CVSS 6.5 | AI score 7.6 | EPSS 0.38611
Exploits: 2
Check Point Advisories
added 2015/09/03 12:0 a.m. | 4 views

AjaxPortal di.php File Inclusion (CVE-2009-2262)

A remote file inclusion vulnerability has been reported in AjaxPortal. The vulnerability is caused by improper handling of a crafted URL using the "pathtoserverdata" parameter. Successful exploitation will let the remote attacker execute arbitrary PHP code...

CVSS 7.5 | AI score 7.1 | EPSS 0.01236
Exploits: 0
Check Point Advisories
added 2015/09/01 12:0 a.m. | 0 views

FTP ftpchk3.php File Upload

A file upload vulnerability has been reported in FTP servers. The uploaded file is ftpchk3.php which contains a virus. This virus changes all web files, PHP, HTML, Javascript and TPL files in CMS systems to add a malicious script into the site. Successful exploitation of this vulnerability could...

AI score 1.3
Exploits: 0
exploitpack
added 2015/08/31 12:0 a.m. | 25 views

Ganglia Web Frontend 3.5.1 - PHP Code Execution

Ganglia Web Frontend 3.5.1 - PHP Code Execution...

CVSS 7.5 | AI score 0.6 | EPSS 0.09944
Exploits: 5
WPVulnDB
added 2015/08/31 12:0 a.m. | 7 views

Thumbnail Carousel Slider < 1.0.1 - Authenticated Shell Upload & CSRF

The original advisory states that this vulnerability is exploitable with editor and author roles but this is incorrect. Only the administrator role by default can trigger this vulnerability. However, CSRF on the image upload form makes this exploitable by a malicious actor. PoC Create a file name...

AI score 7.3
Exploits: 0 | References: 1 | Affected Software: 1
Packet Storm
added 2015/08/31 12:0 a.m. | 36 views

Ganglia Web Frontend PHP Code Execution

...

CVSS 7.5 | AI score 0.6 | EPSS 0.09944
Exploits: 5
0day.today
added 2015/08/18 12:0 a.m. | 29 views

Nuts CMS Remote PHP Code Injection / Execution Exploit

Exploit for php platform in category web applications "cli" die$error0; if$argc "; echo"\nExample: php $argv0 localhost /"; die; ifisset$argv1 && isset$argv2 $host = $argv1; $path = $argv2; $pack = "GET $pathnuts/login.php?r= HTTP/1.0\r\n"; $pack.= "Host: $host\r\n"; $pack.= "Cmd: %s\r\n"; $pack....

AI score 7.1
Exploits: 0
0day.today
added 2015/08/15 12:0 a.m. | 186 views

Microsoft Windows HTA (HTML Application) - Remote Code Execution Exploit

Microsoft Windows HTA HTML Application remote code execution exploit that leverages MS14-064. !/usr/bin/php poc'."\n\n"; $reza = socketcreateAFINET, SOCKSTREAM, 0 or die'Failed to create socket!'; socketbind$reza, 0,$port; socketlisten$...

CVSS 9.3 | AI score 0.2 | EPSS 0.94996
Exploits: 39
Mageia
added 2015/08/13 8:56 p.m. | 43 views

Updated owncloud package fixes security vulnerabilities

In ownCloud before 6.0.8 and 8.0.4, a bug in the SDK used to connect ownCloud against the Dropbox server might allow the owner of "Dropbox.com" to gain access to any files on the ownCloud server if an external Dropbox storage was mounted (CVE-2015-4715). In ownCloud before 6.0.8 and 8.0.4, the...

CVSS 9 | AI score 6.8 | EPSS 0.03043
Exploits: 0 | References: 5
0day.today
added 2015/08/13 12:0 a.m. | 86 views

Netsweeper 4.0.9 - Multiple Vulnerabilities

Exploit for php platform in category web applications Netsweeper 4.0.9 - Multiple Vulnerabilities +--------------------------------------------------------+ + Netsweeper 4.0.9 - Arbitrary File Upload and Execution + +--------------------------------------------------------+ Affected Product:...

CVSS 9.4 | AI score 0.1 | EPSS 0.03935
Exploits: 4
Packet Storm
added 2015/08/06 12:0 a.m. | 36 views

Microweber 1.0.3 Shell Upload

Microweber v1.0.3 File Upload Filter Bypass Remote PHP Code Execution Vendor: Microweber Team Product web page: http://www.microweber.com Affected version: 1.0.3 Summary: Microweber is an open source drag and drop PHP/Laravel CMS licensed under Apache License, Version 2.0 which allows you to...

AI score 7.4
Exploits: 0
Zero Science Lab
added 2015/08/04 12:0 a.m. | 69 views

Microweber v1.0.3 File Upload Filter Bypass Remote PHP Code Execution

Summary Microweber is an open source drag and drop PHP/Laravel CMS licensed under Apache License, Version 2.0 which allows you to create your own website, blog or online shop. Description Microweber suffers from an authenticated arbitrary command execution vulnerability. The issue is caused due t...

AI score 6.2
Exploits: 0
Tenable Nessus
added 2015/07/14 12:0 a.m. | 27 views

FreeBSD : pivotx -- Multiple unrestricted file upload vulnerabilities (7313b0e3-27b4-11e5-a15a-50af736ef1c0)

PivotX reports: Multiple unrestricted file upload vulnerabilities in fileupload.php in PivotX before 2.3.9 allow remote authenticated users to execute arbitrary PHP code by uploading a file with a (1) .php or (2) .php extension, and then accessing it via unspecified vectors. %NASLMINLEVEL 70300 C...

CVSS 3.5 | AI score 5.7 | EPSS 0.01894
Exploits: 2 | References: 2
0day.today
added 2015/07/13 12:0 a.m. | 68 views

SO Planning 1.32 - Multiple Vulnerabilities

Exploit for php platform in category web applications SOPlanning - Simple Online Planning Tool multiple vulnerabilities CVEs: CVE-2014-8673, CVE-2014-8674, CVE-2014-8675, CVE-2014-8676, CVE-2014-8677 Vendor: http://www.soplanning.org/ Product: SOPlanning - Simple Online Planning Version affected:...

CVSS 6.2 | AI score 0.1 | EPSS 0.40779
Exploits: 7