EUVD-2016-1753

Malware in sbrugna...

CVE-2016-10759

The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads...

Directory traversal

The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads...

CVE-2016-10759

The Xinha plugin in Precurio 2.1 allows Directory Traversal, with resultant arbitrary code execution, via ExtendedFileManager/Classes/ExtendedFileManager.php because ExtendedFileManager can be used to rename the .htaccess file that blocks .php uploads...

CVE-2016-10759

CVE-2016-10759 describes a path traversal vulnerability in Precurio 2.1 via the Xinha plugin. The flaw is in ExtendedFileManager/Classes/ExtendedFileManager.php, where ExtendedFileManager can be used to rename the .htaccess file that blocks PHP uploads, enabling directory traversal and resulting ...

Precurio Software Precurio Xinha Plugin Path Traversal Vulnerability

Precurio Software Precurio is a suite of enterprise open collaboration business solutions from Precurio Software, Inc. The Xinha plugin is an editor plug-in. A path traversal vulnerability exists in Precurio Software Precurio version 2.1 of the Xinha plugin. The vulnerability stems from a failure...

Precurio 2.1: Remote Command Execution via Xinha Plugin

RIPS Analysis RIPS detected many security vulnerabilities, such as SQL injection and cross-site scripting issues. In order to exploit most of these vulnerabilities in Precurios code base, a user account is required. Precurio also includes a lot of third-party code though that is directly...