5 matches found
EUVD-2016-1753
Malware in sbrugna...
CVE-2016-10759
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads...
Directory traversal
The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads...
CVE-2016-10759
CVE-2016-10759 describes a path traversal vulnerability in Precurio 2.1 via the Xinha plugin. The flaw is in ExtendedFileManager/Classes/ExtendedFileManager.php, where ExtendedFileManager can be used to rename the .htaccess file that blocks PHP uploads, enabling directory traversal and resulting ...
Precurio 2.1: Remote Command Execution via Xinha Plugin
RIPS Analysis RIPS detected many security vulnerabilities, such as SQL injection and cross-site scripting issues. In order to exploit most of these vulnerabilities in Precurios code base, a user account is required. Precurio also includes a lot of third-party code though that is directly...