Eaton Network Shutdown Module Arbitrary PHP Code Execution Vulnerability

Eaton Network Shutdown Module is prone to a remote PHP code-execution vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

WordPress wpStoreCart Plugin 'upload.php' Arbitrary File Upload Vulnerability

WordPress wpStoreCart Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Plugin Generic - Arbitrary File Upload

source: https://www.securityfocus.com/bid/54440/info The Generic Plugin for WordPress is prone to an arbitrary-file-upload vulnerability. An attacker can exploit this issue to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or...

CVE-2012-1037

PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the subtype parameter...

Remote file inclusion

PHP remote file inclusion vulnerability in front/popup.php in GLPI 0.78 through 0.80.61 allows remote authenticated users to execute arbitrary PHP code via a URL in the subtype parameter...

Code injection

TikiWiki CMS/Groupware before 6.7 LTS and before 8.4 allows remote attackers to execute arbitrary PHP code via a crafted serialized object in the 1 cookieName to lib/banners/bannerlib.php; 2 printpages or 3 printstructures parameter to a tiki-printmultipages.php or b tiki-printpages.php; or 4...

PT-2012-2943 · Tiki · Tikiwiki Cms/Groupware

Name of the Vulnerable Software and Affected Versions: TikiWiki CMS/Groupware versions prior to 6.7 LTS and prior to 8.4 Description: The issue allows remote attackers to execute arbitrary PHP code via a crafted serialized object. This can be achieved through several parameters, including...

Tiki Wiki CMS Groupware 8.3 - 'Unserialize()' PHP Code Execution

?php / ----------------------------------------------------------------- Tiki Wiki CMS Groupware = 8.3 "unserialize" PHP Code Execution ----------------------------------------------------------------- author...........: Egidio Romano aka EgiX mail.............: n0b0d13satgmaildotcom software...

Magix CMS 'upload.php'arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

Magix CMS 'upload.php'arbitrary file upload vulnerability Release date: 2012-06-29 Update date: 2012-07-03 Affected system: Magix CMS Magix CMS 2.3.5 Description: -------------------------------------------------------------------------------- BUGTRAQ ID: 5 4 2 5 4 Magix CMS is open source conten...

Fedora 16 : gallery3-3.0.4-1.fc16 (2012-9666)

Gallery 3.0.4 was released with the following release notes : After several extensive internal and external security audits which discovered 22 distinct vulnerabilities, we are releasing Gallery 3.0.4 as a security release. All of the issues require that someone with malicious intent either have ...

Fedora 17 : gallery3-3.0.4-1.fc17 (2012-9705)

Gallery 3.0.4 was released with the following release notes : After several extensive internal and external security audits which discovered 22 distinct vulnerabilities, we are releasing Gallery 3.0.4 as a security release. All of the issues require that someone with malicious intent either have ...

Unrestricted file upload

Unrestricted file upload vulnerability in font-upload.php in the Font Uploader plugin 1.2.4 for WordPress allows remote attackers to execute arbitrary PHP code by uploading a PHP file with a .php.ttf extension, then accessing it via a direct request to the file in font-uploader/fonts...

CVE-2012-3814

CVE-2012-3814 affects the Font Uploader WordPress plugin (version 1.2.4). The vulnerability is an unrestricted file upload in font-upload.php, enabling remote attackers to upload a PHP file with a .php.ttf extension and then access it under font-uploader/fonts, leading to arbitrary PHP code execu...

GLSA-201206-09 : MediaWiki: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201206-09 MediaWiki: Multiple vulnerabilities Multiple vulnerabilities have been discovered in mediawiki. Please review the CVE identifiers referenced below for details. Impact : MediaWiki allows remote attackers to bypass...

MediaWiki: Multiple vulnerabilities

Background The MediaWiki wiki web application as used on wikipedia.org. Description Multiple vulnerabilities have been discovered in mediawiki. Please review the CVE identifiers referenced below for details. Impact MediaWiki allows remote attackers to bypass authentication, to perform imports fro...

WordPress Nmedia Member Conversation Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Member Conversation Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Nmedia Users File Uploader Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Users File Uploader Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress WP-Property Plugin 1.35.0 'uploadify.php' Arbitrary File Upload Vulnerability - Active Check

WordPress WP-Property Plugin is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ClanSuite 2.9 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: ClanSuite 2.9 Arbitrary File Upload Date: 29/05/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://clansuite.com/ Software Link : https://github.com/jakoch/Clansuite or : http://svn.gna.org/svn/clansuite/trunk/ Version:...

WordPress Foxypress Plugin 'uploadify.php' Arbitrary File Upload Vulnerability

WordPress Foxypress Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...