2595 matches found
appRain 4.0.3 Path Traversal
Security Advisory - Curesec Research Team 1. Introduction Affected Product: appRain 4.0.3 Fixed in: not fixed Fixed Version Link: n/a Vendor Website: [email protected] Vulnerability Type: Path Traversal Remote Exploitable: Yes Reported to vendor: 10/02/2015 Disclosed to public: 12/02/2015 Release...
SimpleBB 4.2 Shell Upload
SimpleBB 4.2 + All ver upload Vulnerability ========================================== Author : indoushka Vendor : http://themeforest.net/item/simple-bulletin-board/58838?ref=themac Dork : SBB V4.2 ========================= 1 register in forum 2 Create a new topic 3 Attachment a php file to downol...
WordPress Plugin Gwolle Guestbook 1.5.3 - Remote File Inclusion
Advisory ID: HTB23275 Product: Gwolle Guestbook WordPress Plugin Vendor: Marcel Pol Vulnerable Versions: 1.5.3 and probably prior Tested Version: 1.5.3 Advisory Publication: October 14, 2015 without technical details Vendor Notification: October 14, 2015 Vendor Patch: October 16, 2015 Public...
WordPress Gwolle Guestbook 1.5.3 Remote File Inclusion
Advisory ID: HTB23275 Product: Gwolle Guestbook WordPress Plugin Vendor: Marcel Pol Vulnerable Versions: 1.5.3 and probably prior Tested Version: 1.5.3 Advisory Publication: October 14, 2015 without technical details Vendor Notification: October 14, 2015 Vendor Patch: October 16, 2015 Public...
Zenphoto 1.4.10 Local File Inclusion
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ZEN-PHOTO-1.4.10-LFI.txt Vendor: ==================== www.zenphoto.org Product: =================== Zenphoto 1.4.10 Vulnerability Type: ======================== Local File Inclusion CVE...
ZenPhoto 1.4.10 - Local File Inclusion
ZenPhoto 1.4.10 - Local File Inclusion + Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ZEN-PHOTO-1.4.10-LFI.txt Vendor: ==================== www.zenphoto.org Product: =================== Zenphoto 1.4.10 Vulnerability Type:...
ZenPhoto 1.4.10 - Local File Inclusion
Credits: hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ZEN-PHOTO-1.4.10-LFI.txt Vendor: ==================== www.zenphoto.org Product: =================== Zenphoto 1.4.10 Vulnerability Type: ======================== Local File Inclusion CVE...
Centreon 2.6.x < 2.6.2 File Upload RCE
According to its version number, the Centreon application hosted on the remote web server is 2.6.x prior to 2.6.2. It is, therefore, affected by a remote code execution vulnerability due to improper sanitization of user-uploaded files via the main.php script. An authenticated, remote attacker can...
DEBIAN-CVE-2015-5734
Cross-site scripting (XSS) vulnerability in the legacy theme preview implementation in wp-includes/theme.php in WordPress before 4.2.4 allows remote attackers to inject arbitrary web script or HTML via a crafted string...
Wordpress AlertWire 1.1.1 Plugin - Full Path Disclosure Vulnerability
Exploit for php platform in category web applications Title : Wordpress Plugin AlertWire 1.1.1 - Full Path Disclosure Vulnerability Date : 17/12/2014 Author : ZwX Download Link : https://wordpress.org/plugins/alertwire/ Vendor : http://www.alertwire.com/ Tested : Windows 7...
Vtiger CRM 6.3.0 Authenticated Remote Code Execution
Exploit for php platform in category web applications Exploit Title: Vtiger CRM = 6.3.0 Authenticated Remote Code Execution Date: 2015-09-28 Exploit Author: Benjamin Daniel Mussler Vendor Homepage: https://www.vtiger.com Software Link: https://www.vtiger.com/open-source-downloads/ Version: 6.3.0...
Taizhou Jisu Network CMS /data/log/passlog.php Arbitrary Code Execution Vulnerability
First, look at login.php in the root directory? $ISLOGIN = true; require "./includes/headinc.php"; registershutdownfunction'unionend'; if$action == 'logout' $unionuser = $unionpass = $gid = ''; //clearcookies; //$sessarr = array; $SESSIONsessarr = $sessarr = ''; sessionunregister'sessarr'; echo "meta http-equiv="refresh"...
Zen Cart 1.5.4 Code Execution / Information Disclosure
Zen Cart 1.5.4: Code Execution and Information Leak Security Advisory – Curesec Research Team 1. Introduction Affected Product: Zen Cart 1.5.4 Fixed in: partial fix via patch Partial Patch Link: https://www.zen-cart.com/showthread.php?218239-curesec-security-report-Patch-Included Vendor Contact:...
Symantec Web Gateway Arbitrary PHP File Upload Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is required to exploit this vulnerability, however it can be bypassed via reflected cross-site scripting. The specific flaw exists within the adminmessages.php...
Revived Wire Media PHP File Manager Username Backdoor
An attacker might use a backdoor which exists in PHP File Manager's user database. A successful exploitation might allow the attacker to create an administrator user on vulnerable installations or to run arbitrary code...
Bolt 2.2.4 Shell Upload Vulnerability
Bolt version 2.2.4 suffers from a code execution vulnerability via shell upload. Bolt 2.2.4: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: Bolt 2.2.4 Fixed in: 2.2.5 Fixed Version Link: http://bolt.cm/distribution/archive/bolt-2.2.5.zip Vendor Contact:...
Bolt 2.2.4 Shell Upload
Bolt 2.2.4: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: Bolt 2.2.4 Fixed in: 2.2.5 Fixed Version Link: http://bolt.cm/distribution/archive/bolt-2.2.5.zip Vendor Contact: Website: https://bolt.cm Vulnerability Type: Code Execution Remote Exploitable:...
PHP File Manager Backdoor Vulnerability
PHP File Manager consists of a default backdoor user. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress GD bbPress Attachments 2.1 Cross Site Scripting / Local File Inclusion Vulnerabilities
WordPress GD bbPress Attachments plugin version 2.1 suffers from cross site scripting and local file inclusion vulnerabilities. Details ================ Software: GD bbPress Attachments Version: 2.1 Homepage: http://wordpress.org/plugins/gd-bbpress-attachments/ Advisory report:...
WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload
WordPress Plugin Aviary Image Editor Addon For Gravity Forms 3.0 Beta - Arbitrary File Upload Title: Remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin Author: Larry W. Cashdollar, @larry0 Date: 2015-06-07 Download Site:...