CVE-2018-16780

Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment...

CVE-2018-16780

Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment...

CVE-2018-16780

CVE-2018-16780 affects Complete Responsive CMS Blog up to 2018-05-20 and is due to an XSS via user comments. The available documents confirm the vulnerability type but do not provide product version details, exact vulnerable components, root cause specifics, exploit information, or remediation st...

Responsive FileManager < 9.13.4 - Directory Traversal

Exploit for php platform in category web applications The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com 1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The following...

Firefox 55.0.3 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: Firefox 55.0.3 - Denial of Service PoC Exploit Author: L0RD Vendor Homepage: mozilla.org Software Link: https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/ Version: 55.0.3 Tested on: Windows 10 CVE: N/A Description : An issu...

tecrail Responsive FileManager Path Traversal Vulnerability

tecrail Responsive FileManager is an open source file manager written in PHP by the Italian company tecrail that supports the uploading and management of videos, images and other files. A directory traversal vulnerability exists in the /filemanager/ajaxcalls.php file in versions of tecrail...

Responsive FileManager 9.13.4 - Directory Traversal

Responsive FileManager 9.13.4 - Directory Traversal The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com 1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The following reque...

Firefox 55.0.3 Denial Of Service

Exploit Title: Firefox 55.0.3 - Denial of Service PoC Date: 2018-08-26 Exploit Author: L0RD Vendor Homepage: mozilla.org Software Link: https://www.mozilla.org/en-US/firefox/55.0.3/releasenotes/ Version: 55.0.3 Tested on: Windows 10 CVE: N/A Description : An issue was discovered in firefox 55.0.3...

CVE-2018-15535

/filemanager/ajaxcalls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize getfile sequences such as ".." that can resolve to a location that is outside of that directory,...

CVE-2018-15536

/filemanager/ajaxcalls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal...

Directory traversal

/filemanager/ajaxcalls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal...

CVE-2018-15535

/filemanager/ajaxcalls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize getfile sequences such as ".." that can resolve to a location that is outside of that directory,...

CVE-2018-15536

/filemanager/ajaxcalls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal...

CVE-2018-15536

CVE-2018-15536 affects tecrail Responsive FileManager prior to 9.13.4. The /filemanager/ajax_calls.php file does not properly validate file paths in archives, permitting a crafted archive extraction that overwrites arbitrary files (directory traversal). Public disclosures and exploits reference p...

Responsive FileManager 9.13.4 Path Traversal

The following vulnerabilities were fixed in the version 9.13.4. https://responsivefilemanager.com 1 Path Traversal Allows to Read Any File Reserved CVE: CVE-2018-15535 Discovered By: Simon Uvarov Vendor Status: Fixed Details: The following request allows a user to read any file on the system. GET...

CVE-2018-15495

/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curlexec call, as demonstrated by a file:///etc/passwd value...

CVE-2018-15495

/filemanager/upload.php in Responsive FileManager before 9.13.3 allows Directory Traversal and SSRF because the url parameter is used directly in a curlexec call, as demonstrated by a file:///etc/passwd value...

CVE-2018-15495

CVE-2018-15495 affects Responsive FileManager prior to 9.13.3. The vulnerability allows Directory Traversal and SSRF because the url parameter is used directly in a curl_exec call, demonstrated by file:///etc/passwd. Several connected records (OSV and related entries) note that a fix existed but ...

Responsive FileManager Cross-Site Request Forgery Vulnerability

Responsive FileManager is an open source file manager written in PHP that supports uploading and managing videos, images and other files. A server-side request forgery vulnerability exists in the upload.php file in version 9.13.1 of Responsive FileManager. No details of the vulnerability are...

CVE-2018-14728

upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter...