CVE-2020-11414

An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the...

radupload-rfi.txt

^ Rad Upload Version 3.02 Remote File Include Vulnerability ^ Source: http://www.radinks.com/downloads/raduploadlite.zip ^ Vulnerable C0de On Line 39 In upload.php : ifisset$savepath && $savepath!="" ^ EXploit http://victim/directory/upload.php?savepath=sh3ll? ^ Found3d By: Arham ^ Gr33tz To --...

CVE-2006-6549

PHP remote file inclusion vulnerability in upload.php in Rad Upload 3.02 allows remote attackers to execute arbitrary PHP code via a URL in the savepath parameter. NOTE: CVE disputes this vulnerability because savepath is originally defined as "" before use, and the nearby instructions say "SET T...

CVE-2006-6549

CVE-2006-6549 affects Rad Upload 3.02, specifically the upload.php handling of the save_path parameter, which PT Security describes as a potential remote file inclusion risk that could enable arbitrary PHP code execution if a URL is provided in save_path. The vulnerability is tied to how the save...

Web Apps- Rad Upload Version 3.02 Remote File Include Vulnerability

^ Rad Upload Version 3.02 Remote File Include Vulnerability ^ Source: http://www.radinks.com/downloads/raduploadlite.zip ^ Vulnerable C0de On Line 39 In upload.php : ifisset$savepath && $savepath!="" ^ EXploit http://victim/directory/upload.php?savepath=sh3ll? ^ Found3d By: Arham ^ Gr33tz To --...