Lucene search
K

261 matches found

Exploit DB
Exploit DB
added 2013/11/01 12:0 a.m.22 views

WordPress Theme This Way - 'upload_settings_image.php' Arbitrary File Upload

source: https://www.securityfocus.com/bid/63523/info The This Way Theme for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can exploit this issue to upload...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/08/13 12:0 a.m.28 views

CakePHP 2.2.8/2.3.7 - AssetDispatcher Class Local File Inclusion

source: https://www.securityfocus.com/bid/61746/info CakePHP is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files or execute arbitrary script code in the context of the web server...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2013/07/06 12:0 a.m.15 views

phpVibe 3.1 - Information Disclosure / Remote File Inclusion

source: https://www.securityfocus.com/bid/61026/info phpVibe is prone to an information-disclosure vulnerability and multiple remote file-include vulnerabilities. An attacker can exploit these issues to obtain potentially sensitive information or execute malicious PHP code in the context of the w...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/06/30 12:0 a.m.22 views

Atomy Maxsite - index.php Arbitrary File Upload

Atomy Maxsite - index.php Arbitrary File Upload source: https://www.securityfocus.com/bid/60859/info Atomy Maxsite is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can...

Exploits0
Patchstack
Patchstack
added 2013/05/14 12:0 a.m.13 views

WordPress WP FileManager Plugin - Arbitrary File Download

WP FileManager is prone to an arbitrary file download vulnerability. It allows an attacker to download arbitrary files within the context of the web server process. Solution Update the plugin...

2.9AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2013/04/18 12:0 a.m.10 views

Fork CMS - js.php Local File Inclusion

Fork CMS - js.php Local File Inclusion source: https://www.securityfocus.com/bid/59298/info Fork CMS is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/03/11 12:0 a.m.39 views

KindEditor - Multiple Arbitrary File Upload Vulnerabilities

KindEditor - Multiple Arbitrary File Upload Vulnerabilities source: https://www.securityfocus.com/bid/58431/info KindEditor is prone to multiple remote file-upload vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to upload arbitrary...

7.6AI score
Exploits0
Exploit DB
Exploit DB
added 2013/03/11 12:0 a.m.22 views

PHPBoost - Arbitrary File Upload / Information Disclosure

source: https://www.securityfocus.com/bid/58432/info PHPBoost is prone to an information disclosure vulnerability and an arbitrary file-upload vulnerability because the application fails to adequately sanitize user-supplied input. An attacker can exploit these issues to upload arbitrary files in...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2013/03/11 12:0 a.m.50 views

KindEditor - Multiple Arbitrary File Upload Vulnerabilities

source: https://www.securityfocus.com/bid/58431/info KindEditor is prone to multiple remote file-upload vulnerabilities because it fails to sufficiently sanitize user-supplied input. Attackers can exploit these issues to upload arbitrary code and run it in the context of the web server process...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/02/06 12:0 a.m.13 views

ezStats for Battlefield 3 - ezStats2compare.php Multiple Cross-Site Scripting Vulnerabilities

ezStats for Battlefield 3 - ezStats2compare.php Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/57759/info ezStats for Battlefield 3 is prone to multiple cross-site scripting vulnerabilities and a local file include vulnerability. An attacker may leverage...

Exploits0
exploitpack
exploitpack
added 2013/02/06 12:0 a.m.9 views

ezStats2 - style.php Local File Inclusion

ezStats2 - style.php Local File Inclusion source: https://www.securityfocus.com/bid/57757/info ezStats2 is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability using directory-traversal strings to view...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2013/01/17 12:0 a.m.15 views

WordPress Shopping Cart Plugin Multiple Vulnerabilities

WordPress Shopping Cart Plugin is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.3AI score
Exploits0References5
exploitpack
exploitpack
added 2013/01/08 12:0 a.m.18 views

MotoCMS - admindatausers.xml Access Restriction Information Disclosure

MotoCMS - admindatausers.xml Access Restriction Information Disclosure source: https://www.securityfocus.com/bid/57055/info MotoCMS is prone to a file-disclosure and an arbitrary file-upload vulnerability. An attacker can exploit these issues to upload a file and view local files in the context o...

Exploits0
Exploit DB
Exploit DB
added 2013/01/08 12:0 a.m.33 views

MotoCMS - 'admin/data/users.xml' Access Restriction / Information Disclosure

source: https://www.securityfocus.com/bid/57055/info MotoCMS is prone to a file-disclosure and an arbitrary file-upload vulnerability. An attacker can exploit these issues to upload a file and view local files in the context of the web server process, which may aid in further attacks. MotoCMS 1.3...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/30 12:0 a.m.19 views

WordPress Plugin Zingiri Forums - 'language' Local File Inclusion

source: https://www.securityfocus.com/bid/56777/info The Zingiri Forums plugin for WordPress is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/12/19 12:0 a.m.10 views

Joomla! Component com_bit - Controller Local File Inclusion

Joomla! Component combit - Controller Local File Inclusion source: https://www.securityfocus.com/bid/56995/info The Bit Component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2012/12/19 12:0 a.m.31 views

Joomla! Component com_bit - 'Controller' Local File Inclusion

source: https://www.securityfocus.com/bid/56995/info The Bit Component for Joomla! is prone to a local file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this vulnerability to obtain potentially sensitive information or to execute arbitra...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/11/16 12:0 a.m.11 views

ATutor 2.1 - tool_file Local File Inclusion

ATutor 2.1 - toolfile Local File Inclusion source: https://www.securityfocus.com/bid/56600/info ATutor is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts i...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2012/10/15 12:0 a.m.39 views

WordPress Plugin Crayon Syntax Highlighter - 'wp_load' Remote File Inclusion

source: https://www.securityfocus.com/bid/55919/info The Crayon Syntax Highlighter plug-in for WordPress is prone to multiple remote file-include vulnerabilities because it fails to sufficiently sanitize user-supplied input. Exploiting these issues may allow a remote attacker to obtain sensitive...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/09/26 12:0 a.m.14 views

YingZhiPython - Directory Traversal Arbitrary File Upload

YingZhiPython - Directory Traversal Arbitrary File Upload source: https://www.securityfocus.com/bid/55685/info An attacker can exploit these issues to obtain sensitive information, to upload arbitrary code, and to run it in the context of the web server process. YingZhiPython 1.9 is vulnerable;...

0.1AI score
Exploits0
Rows per page
Query Builder