EUVD-2014-1295

Malware in sbrugna...

CVE-2014-1214

views/upload.php in the ProJoom Smart Flash Header NovaSFH component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted 1 dest parameter and 2 arbitrary extension in the Filename parameter...

CVE-2014-1214

views/upload.php in the ProJoom Smart Flash Header NovaSFH component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted 1 dest parameter and 2 arbitrary extension in the Filename parameter...

CVE-2014-1214

The CVE affects Projoom’s NovaSFH (Smart Flash Header) Joomla! plugin, specifically the views/upload.php upload handler in version 3.0.2 and earlier. The root cause is lack of validation in the file upload path, allowing a crafted dest parameter and a Filename extension to upload and execute arbi...

CVE-2014-1214 - Remote Code Execution in Projoom NovaSFH Plugin

Vulnerability title: Remote Code Execution in Projoom NovaSFH Plugin CVE: CVE-2014-1214 Vendor: Projoom Product: NovaSFH Plugin Version: 3.0.3 Reported by: Yuri Kramarz Details: The PHP executable which is responsible for handling file upload functionality allows arbitrary files to be uploaded to...

Joomla! Component Projoom NovaSFH 3.0.2 - upload.php Arbitrary File Upload

Joomla! Component Projoom NovaSFH 3.0.2 - upload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/65438/info Projoom NovaSFH plugin for Joomla! is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker may levera...

Joomla! Component Projoom NovaSFH 3.0.2 - 'upload.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/65438/info Projoom NovaSFH plugin for Joomla! is prone to an arbitrary-file-upload vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to upload arbitrary files; this can result in arbitrary code...