4 matches found
PT-2025-48654
The SureMail – SMTP and Email Logs Plugin for WordPress is vulnerable to Unrestricted Upload of File with Dangerous Type in versions up to and including 1.9.0. This is due to the plugin's save file function in inc/emails/handler/uploads.php which duplicates all email attachments to a web-accessib...
EUVD-2012-6584
Malware in sbrugna...
CVE-2012-10052 EGallery 1.2 Arbitrary PHP File Upload
EGallery version 1.2 contains an unauthenticated arbitrary file upload vulnerability in the uploadify.php script. The application fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files directly into the web-accessible egallery/ directory...
CVE-2000-0098
Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist...