EspoCRM 2.5.2 XSS / LFI / Access Control
Advisory ID: HTB23238 Product: EspoCRM Vendor: http://www.espocrm.com Vulnerable Versions: 2.5.2 and probably prior Tested Version: 2.5.2 Advisory Publication: October 8, 2014 without technical details Vendor Notification: October 8, 2014 Vendor Patch: October 10, 2014 Public Disclosure: October...
WordPress Slideshow Gallery 1.4.6 Shell Upload Vulnerability (CVE-2014-5460)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I found a serious security vulnerability in the Slideshow Gallery plugin. This bug allows an attacker to upload any php file remotely to the vulnerable website administrator by default. I have tested and verified that having the current version of the...
CVE-2014-2008
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter...
Unrestricted file upload
Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/...
Unrestricted file upload
Unrestricted file upload vulnerability in plog-admin/plog-upload.php in Plogger 1.0 RC1 and earlier allows remote authenticated users to execute arbitrary code by uploading a ZIP file that contains a PHP file and a non-zero length PNG file, then accessing the PHP file via a direct request to it i...
WordPress Slideshow Gallery Plugin 1.4.6 - Shell Upload
Slideshow Gallery plugin is prone to a shell upload vulnerability. It allows an attacker to upload any PHP file remotely to the vulnerable website. Solution: Upgrade the plugin...
File Uploader - PHP File Upload
The wp-file-uploader WordPress plugin was affected by a PHP File Upload security vulnerability...
Western Digital Arkeia Remote Code Execution (CVE-2014-2846)
A remote code execution vulnerability has been reported in WD Arkeia appliance. A remote attacker may exploit this vulnerability by uploading a malicious php file using the lang cookie in order to parse this file. Successful exploitation could result in an arbitrary code execution...
LoveCMS 1.4 install/index.php step Parameter Traversal Arbitrary File Access
No description provided by source. source: http://www.securityfocus.com/bid/22675/info LoveCMS is prone to multiple input-validation vulnerabilities, including an arbitrary-file-upload issue, a remote file-include issue, a local file-include issue, and a cross-site scripting issue. An attacker ca...
Mongoose 2.8 Space String Remote File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/38145/info Mongoose is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to view the source code of files in the context ...
CPGNuke Dragonfly 9.0.6.1 - Remote Commands Execution Exploit
No description provided by source. ?php ---dragonfly9.0.6.1inclxpl.php 20.15 07/02/2006 CPGNuke Dragonfly 9.0.6.1 remote commands execution through arbitrary local inclusion - Sun-Tzu Drangonfly killing - coded by rgod site: http://rgod.altervista.org - this works regardless of magicquotesgpc...
Ultimate PHP Board 1.9 admin_iplog.PHP Arbitrary PHP Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7678/info A vulnerability has been reported in Ultimate PHP Board. The problem is said to occur due to insufficient sanitization of user-supplied input before including log data into a PHP file. As a result, it may be...
ttCMS 2.2 / ttForum 1.1 News.php template Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/7542/info A remote file include vulnerability has been reported for both ttForum and ttCMS. Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for ...
Vortex Portal 2.0 index.php act Parameter Remote File Inclusion
No description provided by source. source: http://www.securityfocus.com/bid/12878/info Vortex Portal is reportedly affected by a remote PHP file include vulnerability. This issue is due to a failure in the application to properly sanitize user supplied input. It is conjectured this vulnerability...
AlienVault 4.5.0 Authenticated SQL Injection
No description provided by source. The following request is vulnerable to a SQL injection attack from authenticated users. GET /ossim/report/BusinessAndComplianceISOPCI/ISO27001Bar1.php?datefrom=2014-02-28&dateto=2014-03-30 HTTP/1.1 Host: 172.31.16.150 User-Agent: Mozilla/5.0 X11; Ubuntu; Linux...
@lexPHPTeam @lex Guestbook 3.12 Remote PHP File Include Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/11260/info A vulnerability is reported to exist in the @lexPHPTeam @lex Guestbook software that may allow an attacker to include malicious PHP files containing arbitrary code to be executed on a vulnerable system. The iss...
X2CRM 3.4.1 - Multiple Vulnerabilities
No description provided by source. Advisory ID: HTB23172 Product: X2CRM Vendor: X2Engine Inc. Vulnerable Versions: 3.4.1 and probably prior Tested Version: 3.4.1 Advisory Published: September 4, 2013 Vendor Notification: September 4, 2013 Vendor Patch: September 10, 2013 Public Disclosure:...
360 Web Manager 3.0 - Multiple Vulnerabilities
No description provided by source. Exploit Title: Multiple vulnerabilities in 360 Web Manager 3.0 Google Dork: Powered by 360 Web Manager 3.0 Date: 15/04/2011 Author: Ignacio Garrido Contact: [email protected] Software Link: www.360webmanager.com Version: v3.0 Tested on: Linux 2.6.18 Vulnerabilit...
ILIAS 4.4.1 - Multiple Vulnerabilities
No description provided by source. Title: Multiple vulnerabilities in ILIAS | Version: ilias-4.4.1.zip | Date: 21.02.2014 | Found: HauntIT Blog | Home: www.ilias.de...
Tastydir <= 1.2 (1216) Multiple Vulnerabilities
No description provided by source. Exploit Title: Tastydir = 1216 folder creation vuln Date: Oct 17 2010 Author: R Software Link: http://codecanyon.net/item/tastydir-an-ajax-file-manager-and-dir-listing/117167 Version: 1216 Tested on: Ubuntu 10.10 Information: Tastydir is a cross-platform PHP fil...