853 matches found
Unrestricted file upload
Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by 1 image/gif and 2 application/pdf...
CVE-2008-1495
Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by 1 image/gif and 2 application/pdf...
CVE-2008-1495
Unrestricted file upload vulnerability in administrer/produits.php in PEEL, possibly 3.x and earlier, allows remote authenticated administrators to upload and execute arbitrary PHP files via a modified content type in an ajout action, as demonstrated by 1 image/gif and 2 application/pdf...
netoffice-exec.txt
netOffice Dwins 1.3 Remote code execution. -------------------------------------------------------- Product: netOffice Dwins Version: 1.3 p2 Vendor: http://netofficedwins.sourceforge.net/ Date: 02/29/08 - Introduction "netOffice Dwins is a free web based time tracking, timesheet, and project...
netOffice Dwins 1.3 Remote code execution.
netOffice Dwins 1.3 Remote code execution. -------------------------------------------------------- Product: netOffice Dwins Version: 1.3 p2 Vendor: http://netofficedwins.sourceforge.net/ Date: 02/29/08 - Introduction "netOffice Dwins is a free web based time tracking, timesheet, and project...
OZJournals 2.1.1 (id) File Disclosure Vulnerability
Exploit for unknown platform in category web applications =================================================== OZJournals 2.1.1 id File Disclosure Vulnerability =================================================== Name: OZJournals 2.1.1 Webiste: http://www.aqonlinenetworks.com/ Vulnerability type:...
Unrestricted file upload
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php aka the "My profile" page in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, which can then be accessed through a URI...
CVE-2007-6479
Unrestricted file upload vulnerability in the "My productions" component for main/auth/profile.php aka the "My profile" page in Dokeos 1.8.4 allows remote authenticated users to upload and execute arbitrary PHP files via a filename with a double extension, which can then be accessed through a URI...
Directory traversal
Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to 1 create arbitrary files via a .. dot dot in the username parameter when registering a user account, and 2 read arbitrary PHP files via a .. dot dot in a the topic parameter in a...
CVE-2007-6397
Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to 1 create arbitrary files via a .. dot dot in the username parameter when registering a user account, and 2 read arbitrary PHP files via a .. dot dot in a the topic parameter in a...
CVE-2007-6397
Multiple directory traversal vulnerabilities in index.php in Flat PHP Board 1.2 and earlier allow remote attackers to 1 create arbitrary files via a .. dot dot in the username parameter when registering a user account, and 2 read arbitrary PHP files via a .. dot dot in a the topic parameter in a...
CVE-2007-4905
Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote attackers to upload and execute arbitrary PHP files via the image parameter, which places a file under files/...
auracms15-sql.txt
AuraCMS version 1.5rc - Multiple Remote SQL Injection Vulnerabilities Vendor : http://www.auracms.org/ Ditemukan oleh : k1tk4t - k1tk4t4tnewhack.org Lokasi : Indonesia -- newhackdotorg @ irc.dal.net // Kutu pada berkas 'hal.php' baris-7 $perintah="SELECT FROM halaman WHERE id=$id"; $hasil =...
Weblogicnet - files_dir Multiple Remote File Inclusions
Weblogicnet - filesdir Multiple Remote File Inclusions Nyubicrew Community Weblogicnet filesdir Remote File Inclusion vendor : http://www.weblogicnet.com/ source : http://weblogicnet.com/data/weblogicnet.tgz Bug Found By :homeedition2001 a.k.a bius 31-08-2007 contact: [email protected] Website :...
Unrestricted file upload
Unrestricted file upload vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to upload and execute arbitrary PHP files in uploads/ via an Uploads action...
CVE-2007-4640
Unrestricted file upload vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to upload and execute arbitrary PHP files in uploads/ via an Uploads action...
CVE-2007-4640
Unrestricted file upload vulnerability in index.php in Pakupaku CMS 0.4 and earlier allows remote attackers to upload and execute arbitrary PHP files in uploads/ via an Uploads action...
CVE-2007-4610
Unrestricted file upload vulnerability in config/upload.php in Moonware aka Dale Mooney Gallery allows remote attackers to upload and execute arbitrary PHP files in images/, possibly related to config/admin.php...
CVE-2007-4610
Unrestricted file upload vulnerability in config/upload.php in Moonware aka Dale Mooney Gallery allows remote attackers to upload and execute arbitrary PHP files in images/, possibly related to config/admin.php...
CVE-2007-4610
The CVE-2007-4610 issue affects Moonware (aka Dale Mooney Gallery). It is an unrestricted file upload vulnerability in config/upload.php that lets remote attackers upload and execute arbitrary PHP files in the images/ directory, with potential relation to config/admin.php. The entry states this a...