10 matches found
EUVD-2012-6588
Malware in sbrugna...
CVE-2012-10052
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory...
CVE-2012-10052
CVE-2012-10052 affects EGallery (version 1.2). The vulnerability is an unauthenticated arbitrary file upload in the uploadify.php script, where the app does not validate file types or require authentication, allowing remote attackers to upload PHP files into the web-accessible egallery/ directory...
CVE-2012-10052 EGallery 1.2 Arbitrary PHP File Upload
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory...
CVE-2012-10052 EGallery 1.2 Arbitrary PHP File Upload
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory...
PT-2025-32405 · Gallery · Gallery
Name of the Vulnerable Software and Affected Versions: EGallery version 1.2 Description: EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application does not validate file types or enforce authentication, allowing remote...
CVE-2012-10027
WP-Property plugin for WordPress up to and including version 1.35.0 contains an unauthenticated file upload vulnerability in the third-party uploadify.php script. A remote attacker can upload arbitrary PHP files to a temporary directory without authentication, leading to remote code execution...
PT-2023-20671 · Unknown +1 · Weaver E-Office +1
Name of the Vulnerable Software and Affected Versions: Weaver E-Office version 9.5 Description: A critical issue has been found, affecting an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the Filedata argument leads to unrestricted upload. It is possible to...
Amazon S3 Uploadify Script - Uploadify.php Arbitrary File Upload
Amazon S3 Uploadify Script - Uploadify.php Arbitrary File Upload source: https://www.securityfocus.com/bid/54170/info Amazon S3 Uploadify Script is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize...
Amazon S3 Uploadify Script - 'Uploadify.php' Arbitrary File Upload
source: https://www.securityfocus.com/bid/54170/info Amazon S3 Uploadify Script is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this vulnerability to upload...