GLSA-201206-09 : MediaWiki: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201206-09 MediaWiki: Multiple vulnerabilities Multiple vulnerabilities have been discovered in mediawiki. Please review the CVE identifiers referenced below for details. Impact : MediaWiki allows remote attackers to bypass...

MediaWiki: Multiple vulnerabilities

Background The MediaWiki wiki web application as used on wikipedia.org. Description Multiple vulnerabilities have been discovered in mediawiki. Please review the CVE identifiers referenced below for details. Impact MediaWiki allows remote attackers to bypass authentication, to perform imports fro...

WordPress Nmedia Users File Uploader Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Users File Uploader Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Nmedia Member Conversation Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Member Conversation Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress WP-Property Plugin 1.35.0 'uploadify.php' Arbitrary File Upload Vulnerability - Active Check

WordPress WP-Property Plugin is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

ClanSuite 2.9 Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: ClanSuite 2.9 Arbitrary File Upload Date: 29/05/2012 Exploit Author: Adrien Thierry Vendor Homepage: http://clansuite.com/ Software Link : https://github.com/jakoch/Clansuite or : http://svn.gna.org/svn/clansuite/trunk/ Version:...

WordPress Foxypress Plugin 'uploadify.php' Arbitrary File Upload Vulnerability

WordPress Foxypress Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress HTML5 AV Manager Plugin 'custom.php' Arbitrary File Upload Vulnerability

WordPress HTML5 AV Manager Plugin is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Asset Manager Plugin 0.2 'upload.php' Arbitrary File Upload Vulnerability - Active Check

WordPress Asset Manager Plugin is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Asset Manager Plugin 0.2 - Arbitrary File Upload

WordPress Asset Manager plugin is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or privilege escalation. Solution Update the plugin...

WordPress Plugin Picturesurf Gallery - upload.php Arbitrary File Upload

WordPress Plugin Picturesurf Gallery - upload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/53894/info Picturesurf Gallery plugin is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize...

WordPress Plugin Picturesurf Gallery - 'upload.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/53894/info Picturesurf Gallery plugin is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload arbitrary...

Log1 CMS writeInfo() PHP Code Injection

Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Gallery 3.06 - Unauthenticated File Upload PHP Code Execution

The Gallery by BestWebSoft WordPress plugin was affected by an Unauthenticated File Upload PHP Code Execution security vulnerability. PoC The vulnerable file was: http://www.example.com/wp-content/plugins/gallery-plugin/upload/php.php...

Gallery 3.06 - Unauthenticated File Upload PHP Code Execution

The Gallery by BestWebSoft WordPress plugin was affected by an Unauthenticated File Upload PHP Code Execution security vulnerability. The vulnerable file was: http://www.example.com/wp-content/plugins/gallery-plugin/upload/php.php...

Symantec Web Gateway 5.0.2.8 relfile File Inclusion Vulnerability

This module exploits a vulnerability found in Symantec Web Gateway's HTTP service. By injecting PHP code in the access log, it is possible to load it with a directory traversal flaw, which allows remote code execution under the context of 'apache'. Please note that it may take up to several minut...

Symantec Web Gateway 5.0.2.8 Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "Symantec Web...

Symantec Web Gateway 5.0.2.8 Command Execution

Exploit for linux platform in category remote exploits This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal

Exploit for php platform in category web applications ================================================= Vulnerable Software: AzDGDatingMedium Version 1.9.3 Official Site: http://www.azdg.com/ ================================================= ================================================= Teste...

AzDGDatingMedium 1.9.3 XSS / CSRF / SQL Injection / Directory Traversal

================================================= Vulnerable Software: AzDGDatingMedium Version 1.9.3 Official Site: http://www.azdg.com/ ================================================= ================================================= Tested: php.ini MAGICQUOTESGPC OFF Safe mode off / OS:...