Lucene search

2126 matches found

seebug.org
added 2014/07/01 12:0 a.m. | 51 views

YaPiG 0.92 Remote Server-Side Script Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/10891/info A vulnerability is reported to exist in YaPiG that may allow a remote attacker to execute malicious scripts on a vulnerable system. This issue exists due to a lack of sanitization of user-supplied data. It is...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 54 views

Max's Image Uploader Shell Upload Vulnerability

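An unrestricted file upload vulnerability exists in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1.0. When Apache is not configured to handle the mime-type for files with pjpeg or jpeg extensions, a remote attacker can execute arbitrary code by uploading a file with a pjpeg or jpeg extension and then accessing that file through a direct request to original/. The problem is in maxImageUpload.class.php: function uploadImage $result = true; if !isset$POST'submitBtn' $this-showUploadForm; else $m...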

7.3 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 18 views

H-Sphere Webshell 2.4 - Local Root Exploit

No description provided by source. source: http://www.securityfocus.com/bid/6527/info A vulnerability has been discovered in H-Sphere Webshell. During the pre-authentication phase Webshell fails to perform sufficient bounds checking on user-supplied HTTP parameters. As a result, a malicious...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 11 views

H-Sphere Webshell 2.4 remote root exploit

No description provided by source. source: http://www.securityfocus.com/bid/6527/info A vulnerability has been discovered in H-Sphere Webshell. During the pre-authentication phase Webshell fails to perform sufficient bounds checking on user-supplied HTTP parameters. As a result, a malicious...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 86 views

H-Sphere 2.x WebShell Login.PHP Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20532/info H-Sphere WebShell is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 18 views

H-Sphere WebShell 4.3.10 'actions.php' Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31524/info H-Sphere WebShell is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code i...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 10 views

SAPID 1.2.3 Stable Remote File Inclusion Vulnerability

No description provided by source. Exploit Title: SAPID Stable RFI Google Dork: tanyakan pada dan pemula :D Date: January 08 2011 Author: Opa Yong Software Link: http://sourceforge.net/projects/sapid/files/sapid-cms/ Version: SAPID 1.2.3 Stable Tested on: Windows XP Home Edition SP2 @POC:...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 17 views

ILIAS 4.4.1 - Multiple Vulnerabilities

No description provided by source. Title: Multiple vulnerabilities in ILIAS | Version: ilias-4.4.1.zip | Date: 21.02.2014 | Found: HauntIT Blog | Home: www.ilias.de...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 14 views

RazorCMS <= 1.2.1 STABLE File Upload Vulnerability

No description provided by source. Exploit Title: RazorCMS = 1.2.1 STABLE File Upload Vulnerability Google Dork: ? Date: 2012-02-26 Author: i2secHyo jun Oh Software Link: http://www.razorcms.co.uk/archive/core/razorCMScorev121STABLE.zip Version: RazorCMS 1.2.1 Tested on: Windows XP Upload a file...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 87 views

LetterIt 2.0 - (inc/session.php) Remote File Include Vulnerability

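Affected software: LetterIt 2.0 Download: http://sourceforge.net/projects/letterit.berlios/ Vulnerability type: RFI (remote file inclusion) About the software: LetterIt 2.0 is a web-based mailing list manager that is simple to install and supports multiple languages. It can send HTML or plain-text messages and attachments to a specified mailing list via PHP Mail, sendmail, qmail, SMTP or pickup mode (on Windows). Analysis: This remote file inclusion vulnerability is in the “inc/session.php” file of LetterIt 2.0. Vulnerable code:...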

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 30 views

Allied Telesis AT-RG634A ADSL Broadband Router - Unauthenticated Webshell

No description provided by source. Title: Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. Vulnerability Information: - CVE: CVE-2014-1982 - Type of Vulnerability: - CWE-78 : OS Command Injection - CWE-306 : Missing Authentication for Critical Functio...

10 CVSS | 0.4 AI score | 0.09826 EPSS
Exploits: 7
seebug.org
added 2014/07/01 12:0 a.m. | 13 views

Multiple File Attachments Mail Form Pro 2.0 - WebShell upload

No description provided by source. Exploit Title: Multiple File Attachments Mail Form Pro v2 - WebShell upload Date: 16/02/2010 Author: EgoPL Mail: [email protected] Software Link: http://activeden.net/item/multiple-file-attachments-mail-form-prov2/31262 17$ but It's now on ...

7.1 AI score
Exploits: 0
seebug.org
added 2014/07/01 12:0 a.m. | 62 views

Parallels H-Sphere 3.0/3.1 'login.php' Multiple Cross Site Scripting Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/31256/info H-Sphere is prone to multiple cross-site scripting vulnerabilities because it fails to sufficiently sanitize user-supplied data. An attacker may leverage these issues to execute arbitrary script code in the...

7.1 AI score
Exploits: 0
0day.today
added 2014/06/27 12:0 a.m. | 1589 views

elFinder 2.0 - file manager for web(rc1) - File Upload Vulnerability

Usage Info Info : u can upload .php .php3 .php6 .txt .html .pl .htaccess and ... Upload Your webshell and load from : site.com/var/upload/ro0t.php site.com/files/upload/ro0t.php site.com/var/upload/ro0t.php for get file url double click on your file to open file iframe page |/ o o...

7.1 AI score
Exploits: 0
Kitploit
added 2014/06/10 9:10 p.m. | 45 views

Antak WebShell - A webshell which utilizes PowerShell

Antak is a webshell written in C#.Net which utilizes PowerShell. Antak is a part of Nishang and updates can be found here: https://github.com/samratashok/nishang Use this shell as a normal PowerShell console. Each command is executed in a new process; keep this in mind while using commands like...

7.8 AI score
Exploits: 0 | References: 2
myhack58
added 2014/05/15 12:0 a.m. | 22 views

Analysis of a directory traversal vulnerability in the open-source bug tracking platform JIRA

Recently, a new advisory reported a directory traversal vulnerability in Jira versions 5.0.11 and 6.0.3, verified in the last 7 months and repaired in the following few months. The attack method is very simple, but the potential impact is very large; the vulnerability could allow an...

0.5 AI score
Exploits: 0
seebug.org
added 2014/05/15 12:0 a.m. | 45 views

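Default password in a library management system leads to getshell

Summary: The Tomcat bundled with the library management system has a default administrator password that allows a direct getshell, affecting a large number of libraries. Details: The bundled Tomcat has a default administrator account: it is possible to log in to Tomcat and upload a webshell directly. Proof: intitle:博云非书资料管理系统 inurl:poweb shows that a large number of libraries use this system, and all of them allow logging in to the Tomcat admin console and uploading a webshell:...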

7.1 AI score
Exploits: 0
seebug.org
added 2014/05/13 12:0 a.m. | 18 views

File upload flaw in the U-Mail mail system leads to brute-force getshell

Summary: An upload flaw in the U-Mail mail system makes it possible to obtain a webshell by brute force. Details: Vulnerable file: C:\umail\WorldClient\html\client\mail\module\oattach.php Code: if ACTION == "attach-upload" if $FILES $filename = $FILES'Filedata''name'; $filetype = $FILES'Filedata''type'; $filesize = $FILES'Filedata''size'; $filesource = $FILES'Filedata''tmpname...

7.1 AI score
Exploits: 0
myhack58
added 2014/05/04 12:0 a.m. | 9 views

NetCms website management system upload vulnerability and fix

NetCms website management system upload vulnerability and fix. Vulnerable web application: NetCms website management system. Vulnerable file (the website registration address): /user/login.aspx 1. First of all, search Baidu or Google for the keywords: “NetCms site management system” ! ...

1.2 AI score
Exploits: 0
seebug.org
added 2014/04/25 12:0 a.m. | 101 views

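KESION CMS latest version: arbitrary file upload leading to webshell

Summary: Upload vulnerability in the latest version ^^ Details: Member file upload vulnerability; files with any extension can be uploaded. The vulnerability is in user/swfupload.asp: If UpFileObj.Form"NoReName"="1" Then 'do not rename Dim PhysicalPath,FsoObj:Set FsoObj = KS.InitialObjectKS.Setting99 PhysicalPath = Server.MapPathreplaceTempFileStr,"|","" TempFileStr= midTempFileStr,1, InStrRevTempFileStr, "/" & FileTitles ...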

7.1 AI score
Exploits: 0