751 matches found
Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17
Title: Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 Author: Larry W. Cashdollar, @larry0 Date: 2015-03-29 Download Site: https://wordpress.org/plugins/videowhisper-video-presentation/ Vendor: http://www.videowhisper.com/ Vendor Notified: 2015-03-29...
[SECURITY] Fedora 20 Update: libreoffice-4.2.8.2-8.fc20
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
WordPress VideoWhisper Video Presentation Plugin 3.31.17 /vp/vw_upload.php File Upload Vulnerability
/vp/vw_upload.php: <?php if ($_GET["room"]) $room=$_GET["room"]; if ($_POST["room"]) $room=$_POST["room"]; $filename=$_FILES['vwfile']['name']; include_once("incsan.php"); sanV($room); if (!$room) exit; sanV($filename); if (strstr($filename,".php")) $filename = ""; //duplicate php extension not allowed due to vulnerabilities of older...
WordPress VideoWhisper Video Presentation 3.31.17 - Remote File Upload
WordPress Kernel theme is prone to a remote file upload vulnerability. Because of this vulnerability, anyone can upload files, for example .zip, .rar, .mp3, .jpeg, .txt, .html, etc., to a WordPress site. Solution: Upgrade the plugin...
WordPress Plugin VideoWhisper Video Presentation 3.31.17 - Arbitrary File Upload
Title: Remote file upload vulnerability in wordpress plugin videowhisper-video-presentation v3.31.17 Author: Larry W. Cashdollar, @larry0 Date: 2015-03-29 Download Site: https://wordpress.org/plugins/videowhisper-video-presentation/ Vendor: http://www.videowhisper.com/ Vendor Notified: 2015-03-31...
[SECURITY] Fedora 20 Update: drupal7-views-3.10-1.fc20
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...
Code injection
The OLE Point of Sale (OPOS) drivers before 1.13.003 on HP Point of Sale Windows PCs allow remote attackers to execute arbitrary code via vectors involving OPOSScanner.ocx for Imaging Barcode scanners, Linear Barcode scanners, Presentation Barcode scanners, Retail Integrated Barcode scanners,...
CVE-2014-7897
HP OPOS CCO drivers released before 1.13.003 are affected by ARBITRARY CODE EXECUTION via OPOSScanner.ocx and related ActiveX controls across HP POS devices. The connected Nessus/HP advisories identify CVE-2014-7897 and related CVEs (e.g., 2014-7888..7898) as remote code execution vulnerabilities...
[SECURITY] Fedora 20 Update: drupal6-views-2.18-1.fc20
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...
[SECURITY] Fedora 21 Update: drupal6-views-2.18-1.fc21
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...
OpenGraphiti: Data Visualization Engine
OpenGraphiti is a free and open source 3D data visualization engine for data scientists to visualize semantic networks and to work with them. It offers an easy-to-use API with several associated libraries to create custom-made datasets. It leverages the power of GPUs to process and explore the da...
[SECURITY] Fedora 21 Update: php-Smarty-3.1.21-1.fc21
Although Smarty is known as a "Template Engine", it would be more accurately described as a "Template/Presentation Framework." That is, it provides the programmer and template designer with a wealth of tools to automate tasks commonly dealt with at the presentation layer of an application. I stre...
[SECURITY] Fedora 20 Update: php-Smarty-3.1.21-1.fc20
Although Smarty is known as a "Template Engine", it would be more accurately described as a "Template/Presentation Framework." That is, it provides the programmer and template designer with a wealth of tools to automate tasks commonly dealt with at the presentation layer of an application. I stre...
[SECURITY] Fedora 19 Update: php-Smarty-3.1.21-1.fc19
Although Smarty is known as a "Template Engine", it would be more accurately described as a "Template/Presentation Framework." That is, it provides the programmer and template designer with a wealth of tools to automate tasks commonly dealt with at the presentation layer of an application. I stre...
MS14-060 Microsoft Windows OLE Package Manager Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS14-060 Microsoft Windows OLE Package Manager Code Execution", 'Description' = %q This module exploits a vulnerability found in...
MS14-060 Microsoft Windows OLE Package Manager Code Execution
This module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our...
[SECURITY] Fedora 20 Update: libreoffice-4.2.6.3-3.fc20
LibreOffice is an Open Source, community-developed, office productivity suite. It includes the key desktop applications, such as a word processor, spreadsheet, presentation manager, formula editor and drawing program, with a user interface and feature set similar to other office suites...
[SECURITY] Fedora 19 Update: drupal7-views-3.8-1.fc19
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...
[SECURITY] Fedora 20 Update: drupal7-views-3.8-1.fc20
The views module provides a flexible method for Drupal site designers to control how lists of content nodes are presented. Traditionally, Drupal has hard-coded most of this, particularly in how taxonomy and tracker lists are formatted. This tool is essentially a smart query builder that, given...
VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload
The VideoWhisper Video Presentation WordPress plugin was affected by a 'vw_upload.php' Arbitrary File Upload security vulnerability...