37 matches found
CVE-2012-10064
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
CVE-2012-10064
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
CVE-2012-10064 Omni Secure Files < 0.1.14 Unauthenticated Arbitrary File Upload
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
CVE-2012-10064
Omni Secure Files WordPress plugin versions before 0.1.14 contain an unauthenticated arbitrary file upload vulnerability in the bundled plupload example endpoint (upload.php). The handler does not enforce safe file type restrictions, allowing attacker-controlled files to be uploaded to the plugin...
CVE-2012-10064 Omni Secure Files < 0.1.14 Unauthenticated Arbitrary File Upload
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
CVE-2012-10064
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
PT-2026-3315
Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...
WordPress plugin Omni Secure Files has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
EUVD-2005-1002
Malware in sbrugna...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2022-45133
Affected software: Mahara. Vulnerable versions: 21.10 < 21.10.6, 22.04 < 22.04.4, 22.10
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2005-10002
A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. Affected is the function sfdownloads of the file secure-files.php. The manipulation of the argument downloadfile leads to path traversal. Upgrading to version 1.2 is able t...
CVE-2005-10002
A vulnerability, which was classified as critical, was found in almosteffortless secure-files Plugin up to 1.1 on WordPress. Affected is the function sfdownloads of the file secure-files.php. The manipulation of the argument downloadfile leads to path traversal. Upgrading to version 1.2 is able t...
CVE-2005-10002
The CVE-2005-10002 issue affects the almosteffortless secure-files Plugin (WordPress) up to version 1.1. The vulnerability resides in the sf_downloads function within secure-files.php, where manipulation of the downloadfile argument enables path traversal. A fixed version exists: upgrade to versi...
PT-2023-9858 · Almosteffortless · Almosteffortless Secure-Files Plugin
Name of the Vulnerable Software and Affected Versions: almosteffortless secure-files Plugin versions 1.1 and earlier Description: A critical issue was found in the almosteffortless secure-files Plugin for WordPress. The sf downloads function in the secure-files.php file is affected, where...
WordPress Plugin almosteffortless secure-files path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A path traversal vulnerability exists in...
Mahara 安全漏洞
Mahara is a free and open source web-based ePortfolio management system from Mahara. A security vulnerability exists in Mahara. An attacker could exploit the vulnerability to gain access to secure files...