Lucene search
+L

1394 matches found

0day.today
0day.today
added 2008/06/08 12:0 a.m.35 views

XOOPS Module Uploader 1.1 (filename) File Disclosure Vulnerability

Exploit for unknown platform in category web applications ================================================================== XOOPS Module Uploader 1.1 filename File Disclosure Vulnerability ================================================================== MMM MMM MMM MMM MMMMMMMMMMMMM MMMMMMMMM...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/05/22 12:0 a.m.20 views

PhotoStockPlus Uploader Tool ActiveX控件栈溢出漏洞

BUGTRAQ ID: 29279 CVECAN ID: CVE-2008-0957 Photostockplus是加拿大一家在线出售各种图库的网站。 PhotoStockPlus所提供的Uploader Tool ActiveX控件(PSPUploader.ocx)在处理某些初始化参数时存在栈溢出漏洞。如果用户受骗访问了恶意站点的话,就可能触发这个溢出,导致执行任意代码。 PhotoStockPlus Uploader Tool ActiveX 临时解决方法: 为以下CLSID设置kill bit: E48BB416-C578-4A62-84C9-5E3389ABE5FC...

6.8CVSS6.5AI score0.03061EPSS
Exploits1
Prion
Prion
added 2008/05/20 5:20 p.m.12 views

Stack overflow

Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control PSPUploader.ocx allow remote attackers to execute arbitrary code via unspecified initialization parameters...

6.8CVSS8.4AI score0.03061EPSS
Exploits1References5
Cvelist
Cvelist
added 2008/05/20 10:0 a.m.16 views

CVE-2008-0957

Multiple stack-based buffer overflows in the PhotoStockPlus Uploader Tool ActiveX control PSPUploader.ocx allow remote attackers to execute arbitrary code via unspecified initialization parameters...

7.8AI score0.03061EPSS
Exploits1References5
CERT
CERT
added 2008/05/19 12:0 a.m.29 views

PhotoStockPlus Uploader Tool ActiveX stack buffer overflows

Overview The PhotoStockPlus Uploader Tool ActiveX control contains several stack buffer overflows, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description PhotoStockPlus provides an image uploader ActiveX control, which is provided by the...

6.8CVSS7AI score0.03061EPSS
Exploits1References2
Prion
Prion
added 2008/05/14 5:20 p.m.14 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 keywords parameter to upload/admin/index.php in a search action, the 2 msgcharset and 3 msgheader9 parameters to admin/inc/header.php, and the 4 keywords...

4.3CVSS6.1AI score0.01538EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2008/05/14 5:20 p.m.14 views

CVE-2008-2202

Multiple cross-site scripting XSS vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 keywords parameter to upload/admin/index.php in a search action, the 2 msgcharset and 3 msgheader9 parameters to admin/inc/header.php, and the 4 keywords...

4.3CVSS5.8AI score0.01538EPSS
Exploits1References5
Cvelist
Cvelist
added 2008/05/14 5:0 p.m.18 views

CVE-2008-2202

Multiple cross-site scripting XSS vulnerabilities in Maian Uploader 4.0 allow remote attackers to inject arbitrary web script or HTML via the 1 keywords parameter to upload/admin/index.php in a search action, the 2 msgcharset and 3 msgheader9 parameters to admin/inc/header.php, and the 4 keywords...

5.8AI score0.01538EPSS
Exploits1References5
CVE
CVE
added 2008/05/14 5:0 p.m.48 views

CVE-2008-2202

Maian Uploader 4.0 is affected by multiple cross-site scripting (XSS) vulnerabilities. The issues allow remote attackers to inject arbitrary web script or HTML via: (1) the keywords parameter to upload/admin/index.php in a search action, (2) the msg_charset parameter to admin/inc/header.php, (3) ...

4.3CVSS5.8AI score0.01538EPSS
Exploits1References5Affected Software1
securityvulns
securityvulns
added 2008/05/06 12:0 a.m.51 views

Maian Uploader v4.0 XSS Vulnerabilities

---------------------------------------------------------------- Script : Maian Uploader v4.0 Type : XSS Vulnerabilities ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Or Dr.Crash Our Team : IRCRASH...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/05/05 12:0 a.m.24 views

maianuploader-xss.txt

---------------------------------------------------------------- Script : Maian Uploader v4.0 Type : XSS Vulnerabilities ---------------------------------------------------------------- Discovered by : Khashayar Fereidani Or Dr.Crash Our Team : IRCRASH...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2008/05/05 12:0 a.m.15 views

Maian Uploader 4.0 - keywords Cross-Site Scripting

Maian Uploader 4.0 - keywords Cross-Site Scripting source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary...

Exploits0
exploitpack
exploitpack
added 2008/05/05 12:0 a.m.16 views

Maian Uploader 4.0 - index.php Cross-Site Scripting

Maian Uploader 4.0 - index.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrar...

Exploits0
exploitpack
exploitpack
added 2008/05/05 12:0 a.m.11 views

Maian Uploader 4.0 - header.php Cross-Site Scripting

Maian Uploader 4.0 - header.php Cross-Site Scripting source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitra...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/05 12:0 a.m.19 views

Maian Uploader 4.0 - 'keywords' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/05 12:0 a.m.20 views

Maian Uploader 4.0 - 'header.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2008/05/05 12:0 a.m.22 views

Maian Uploader 4.0 - 'index.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/29051/info Maian Uploader is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2008/03/12 12:0 a.m.21 views

zkup-upload.txt

!/usr/bin/php Date: 03-08-2008 Conditions: PHP Version, magicquotesgpc=Off This exploit spawn a php uploader in your victim's server. Okay, you may need explanations: First, we can use administration without being admin see ./admin/configuration/modifier.php Then, when we add an admin, it is save...

7.4AI score
Exploits0
CVE
CVE
added 2008/03/08 12:0 a.m.38 views

CVE-2003-1552

The CVE-2003-1552 entry affects Uploader 1.1, via an unrestricted file upload vulnerability in uploader.php. A remote attacker can upload a file with an executable extension and then access it in the uploads/ directory to trigger arbitrary code execution. The vulnerability is mapped with a Networ...

6.8CVSS8.1AI score0.02106EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2008/02/11 12:0 a.m.27 views

MySpace Uploader ActiveX Control < 1.0.0.6 Action Property Buffer Overflow

The remote host contains a version of the MySpace Uploader ActiveX control MySpace.Uploader.4.1 that reportedly is affected by a buffer overflow that can be triggered by assigning a string longer than 260 characters to certain properties, such as 'Action', 'ExtractIptc', and 'ExtractExif'. If a...

10CVSS6.3AI score0.56343EPSS
Exploits2References2
Rows per page
Query Builder