4 matches found
EUVD-2014-1295
Malware in sbrugna...
CVE-2014-1214
views/upload.php in the ProJoom Smart Flash Header NovaSFH component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted 1 dest parameter and 2 arbitrary extension in the Filename parameter...
CVE-2014-1214
The CVE affects Projoom’s NovaSFH (Smart Flash Header) Joomla! plugin, specifically the views/upload.php upload handler in version 3.0.2 and earlier. The root cause is lack of validation in the file upload path, allowing a crafted dest parameter and a Filename extension to upload and execute arbi...
CVE-2014-1214
views/upload.php in the ProJoom Smart Flash Header NovaSFH component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted 1 dest parameter and 2 arbitrary extension in the Filename parameter...