Joomla! Component IDoEditor - image.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/53973/info The IDoEditor component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. A...
Joomla! Component mod_jfancy - script.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/53975/info The jFancy component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An...
Joomla! Component Easy Flash Uploader - helper.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/53977/info The Easy Flash Uploader component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize...
Joomla! Component DentroVideo 1.2 - upload.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/53972/info The DentroVideo component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately...
Joomla! Component com_simpleswfupload - uploadhandler.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/53968/info The Simple SWFUpload component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitiz...
Joomla! Component mod_artuploader - upload.php Arbitrary File Upload
source: https://www.securityfocus.com/bid/53969/info The Art Uploader component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied...
Joomla! Component com_simpleswfupload - 'uploadhandler.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/53968/info The Simple SWFUpload component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload...
Joomla! Component Easy Flash Uploader - 'helper.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/53977/info The Easy Flash Uploader component for Joomla! is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload...
WordPress Foxypress Plugin 'uploadify.php' Arbitrary File Upload Vulnerability
WordPress Foxypress Plugin is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress HTML5 AV Manager Plugin 'custom.php' Arbitrary File Upload Vulnerability
WordPress HTML5 AV Manager Plugin is prone to a file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
WordPress Plugin VideoWhisper Video Presentation 3.17 - 'vw_upload.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/53851/info The VideoWhisper Video Presentation plug-in for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit...
WordPress Font Uploader Plugin 1.2.4 - Arbitrary File Upload
The Font Uploader plugin is prone to an arbitrary file upload vulnerability. Access to this script is not properly restricted, so an attacker can upload files containing malicious PHP code and run it in the context of the web server process. Other attacks are also possible...
WordPress Gallery Plugin 3.06 - Arbitrary File Upload
The WordPress Gallery plugin is prone to an arbitrary file upload vulnerability. Access to this script is not properly restricted, so an attacker can upload files containing malicious PHP code and run it in the context of the web server process. Other attacks are also possible...
HP Business Service Management Remote Code Execution
HP Business Service Management (BSM) 9.12 does not properly restrict the uploading of .war files, which allows remote attackers to execute arbitrary JSP code within the JBOSS Application Server component via a crafted request to TCP port 1098, 1099, or 4444. Recent assessments: wchen-r7 at Septembe...
TomatoCart 1.2.0 Alpha 2 - 'json.php' Local File Inclusion
source: https://www.securityfocus.com/bid/52766/info TomatoCart is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information and to execute arbitrary local scrip...
OpenEMR 4.1 - /contrib/acog/print_form.php?formname Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit...
OpenEMR 4.1 - '/contrib/acog/print_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the us...
OpenEMR 4.1 - Interfacefaxfax_dispatch.php?File exec() Call Arbitrary Shell Command Execution
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker...
OpenEMR 4.1 - '/Interface/patient_file/encounter/trend_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the us...
OpenEMR 4.1 - '/Interface/patient_file/encounter/load_form.php?formname' Traversal Local File Inclusion
source: https://www.securityfocus.com/bid/51788/info OpenEMR is prone to local file-include and command-injection vulnerabilities because it fails to properly sanitize user-supplied input. A remote attacker can exploit these issues to execute arbitrary shell commands with the privileges of the us...