7221 matches found

NVD
added 2015/01/16 3:59 p.m. | 25 views

CVE-2015-1059

Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads...

CVSS 6.5 | AI score 7.2 | EPSS 0.05427
Exploits: 2 | References: 5

Prion
added 2015/01/16 3:59 p.m. | 18 views

Unrestricted file upload

Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads...

CVSS 6.5 | AI score 7.7 | EPSS 0.05427
Exploits: 2 | References: 5 | Affected Software: 1

Cvelist
added 2015/01/16 3:0 p.m. | 23 views

CVE-2015-1059

Unrestricted file upload vulnerability in admin/files/add in AdaptCMS 3.0.3 allows remote authenticated users to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in /app/webroot/uploads...

AI score 7.2 | EPSS 0.05427
Exploits: 2 | References: 5

0day.today
added 2015/01/14 12:0 a.m. | 21 views

WordPress WP Symposium 14.11 Shell Upload Exploit

Exploit for php platform in category remote exploits This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WordPress WP Symposium 14.11 Shell Upload', 'Description' = %qWP Symposium...

AI score 7.1
Exploits: 0

Packet Storm
added 2015/01/12 12:0 a.m. | 16 views

WordPress WP Symposium 14.11 Shell Upload

This module requires Metasploit: http://www.metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'WordPress WP Symposium 14.11 Shell Upload', 'Description' = %qWP Symposium Plugin for WordPress contains a flaw that allows a...

AI score 7.4
Exploits: 0

Metasploit
added 2015/01/10 9:5 p.m. | 27 views

WordPress WP EasyCart Unrestricted File Upload

WordPress Shopping Cart WP EasyCart Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /inc/amfphp/administration/banneruploaderscript.php script does not properly verify or sanitize user-uploaded files. By uploading a .p...

CVSS 6.5 | AI score 7.9 | EPSS 0.51617
Exploits: 7

Tenable Nessus
added 2015/01/08 12:0 a.m. | 44 views

Debian DSA-3120-1 : mantis - security update

Multiple security issues have been found in the Mantis bug tracking system, which may result in phishing, information disclosure, CAPTCHA bypass, SQL injection, cross-site scripting or the execution of arbitrary PHP code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text a...

CVSS 7.5 | AI score 5.3 | EPSS 0.51609
Exploits: 16 | References: 23

Metasploit
added 2015/01/07 10:2 p.m. | 21 views

WordPress WP Symposium 14.11 Shell Upload

WP Symposium Plugin for WordPress contains a flaw that allows a remote attacker to execute arbitrary PHP code. This flaw exists because the /wp-symposium/server/fileuploadform.php script does not properly verify or sanitize user-uploaded files. By uploading a .php file, the remote system will pla...

AI score 7.6
Exploits: 0

NVD
added 2015/01/07 6:59 p.m. | 23 views

CVE-2014-9567

Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/...

CVSS 7.5 | AI score 7.6 | EPSS 0.4334
Exploits: 1 | References: 5

Prion
added 2015/01/07 6:59 p.m. | 14 views

Unrestricted file upload

Unrestricted file upload vulnerability in process-upload.php in ProjectSend (formerly cFTP) r100 through r561 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in the upload/files/ or upload/temp/...

CVSS 7.5 | AI score 8.1 | EPSS 0.4334
Exploits: 1 | References: 5 | Affected Software: 1

CVE
added 2015/01/07 6:0 p.m. | 51 views

CVE-2014-9567

ProjectSend (formerly cFTP) is affected by CVE-2014-9567 via an Unrestricted file upload in process-upload.php, spanning r100–r561. A remote attacker can upload a PHP file and access it in upload/files/ or upload/temp/ to execute arbitrary PHP code. Impact is described as remote code execution wi...

CVSS 7.5 | AI score 7.9 | EPSS 0.4334
Exploits: 1 | References: 5 | Affected Software: 1

Debian
added 2015/01/06 8:35 p.m. | 32 views

[SECURITY] [DSA 3120-1] mantis security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3120-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff January 06, 2015 http://www.debian.org/security/faq -...

CVSS 7.5 | AI score 6.4 | EPSS 0.51609
Exploits: 14

0day.today
added 2015/01/06 12:0 a.m. | 36 views

AdaptCMS 3.0.3 XSS / Remote Code Execute Vulnerabilities

AdaptCMS version 3.0.3 suffers from an authenticated arbitrary command execution vulnerability. The issue is caused due to the improper verification of uploaded files. This can be exploited to execute arbitrary PHP code by creating or uploading a malicious PHP script file that will be stored in...

AI score 7.3
Exploits: 0

OSV
added 2015/01/06 12:0 a.m. | 68 views

DSA-3120-1 mantis - security update

Bulletin has no description...

CVSS 7.5 | AI score 5.3 | EPSS 0.51609
Exploits: 16

NVD
added 2015/01/05 8:59 p.m. | 20 views

CVE-2014-8085

Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass before 3.4.3 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an...

CVSS 6.8 | AI score 7.5 | EPSS 0.02514
Exploits: 2 | References: 6

Prion
added 2015/01/05 8:59 p.m. | 25 views

Unrestricted file upload

Unrestricted file upload vulnerability in the CWebContact::doModel method in oc-includes/osclass/controller/contact.php in OSClass before 3.4.3 allows remote attackers to execute arbitrary PHP code by uploading a file with a PHP extension, then accessing it via a direct request to the file in an...

CVSS 6.8 | AI score 8.1 | EPSS 0.02514
Exploits: 2 | References: 6 | Affected Software: 1

OpenVAS
added 2015/01/05 12:0 a.m. | 41 views

Debian: Security Advisory (DSA-3120-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 5.6 | EPSS 0.51609
Exploits: 16 | References: 3

exploitpack
added 2015/01/04 4:39 p.m. | 29 views

Oxwall-1.7.0

Oxwall suffers from an authenticated arbitrary PHP code execution. The vulnerability is caused due to the improper verification of uploaded files in '/admin/settings/user' script thru the 'avatar' and 'bigAvatar' POST parameters. This can be exploited to execute arbitrary PHP code by uploading a...

AI score 7.8
Exploits: 0

0day.today
added 2015/01/01 12:0 a.m. | 68 views

Osclass 3.4.2 Shell Upload Vulnerability

Osclass versions 3.4.2 and below suffer from a remote shell upload vulnerability. --------------------------------------------------------------------- Osclass redirectTo osccontacturl ; 107. 108. 109. if !moveuploadedfile$tmpName, $path 110. unset$path; 111. 112. 113. The vulnerability exists...

CVSS 6.8 | AI score 6.7 | EPSS 0.02514
Exploits: 2

0day.today
added 2015/01/01 12:0 a.m. | 175 views

Mantis Bug Tracker 1.2.17 PHP Code Injection Vulnerability

Mantis Bug Tracker versions 1.2.0 through 1.2.17 suffer from a PHP code injection vulnerability. ----------------------------------------------------------------------------- Mantis Bug Tracker $newId 108. $bugData = bugget $newId, true ; 109. 110. $bugLinkRegexp = '/^|^\w' . pregquote...

CVSS 7.5 | AI score 0.3 | EPSS 0.51609
Exploits: 8