CVE-2012-10045

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST...

CVE-2012-10045

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST...

CVE-2012-10045

XODA 0.4.5 contains an unauthenticated file upload vulnerability in the upload functionality. An attacker can upload a PHP file to the web-accessible files/ directory and trigger execution via a subsequent GET request, leading to remote code execution. Remediation/patch status not provided in the...

CVE-2012-10045 XODA 0.4.5 Arbitrary PHP File Upload

XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to properly validate or restrict uploaded file types. By crafting a multipart/form-data POST...

Sourceforge XODA 安全漏洞

Sourceforge XODA is a file management software from Sourceforge open source. A security vulnerability exists in Sourceforge XODA version 0.4.5, which stems from the upload feature not validating file types, and could lead to arbitrary file uploads and remote code execution...

PT-2025-32398 · Xoda · Xoda

Name of the Vulnerable Software and Affected Versions: XODA version 0.4.5 Description: XODA version 0.4.5 contains an unauthenticated file upload vulnerability that allows remote attackers to execute arbitrary PHP code on the server. The flaw resides in the upload functionality, which fails to...

CVE-2012-10045

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/xodafileupload.rb 2025-10-23 21:12:56+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

XODA 0.4.5 Arbitrary PHP File Upload Vulnerability

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...

XODA Document Management System 0.4.5 - XSS & Arbitrary File Upload

No description provided by source. Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link: http://sourceforge.net/projects/xoda/files/xoda/xoda-0.4.5/...

XODA 0.4.5 File Upload

File upload vulnerability in XODA Vulnerability Type: File Upload For the exploit source code contact DSquare Security sales team...

XODA 0.4.5 Arbitrary PHP File Upload

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "XODA 0.4.5...

XODA Document Management System 0.4.5 XSS / Shell Upload

Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link: http://sourceforge.net/projects/xoda/files/xoda/xoda-0.4.5/ Version: 0.4.5 Gr33Tz: @aviadgolan ,...

XODA 0.4.5 - Arbitrary '.PHP' File Upload (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 "XODA 0.4.5...

XODA 0.4.5 Arbitrary PHP File Upload Vulnerability

This module exploits a file upload vulnerability found in XODA 0.4.5. Attackers can abuse the "upload" command in order to upload a malicious PHP file without any authentication, which results in arbitrary code execution. The module has been tested successfully on XODA 0.4.5 and Ubuntu 10.04. Thi...

XODA Document Management System 0.4.5 - Cross-Site Scripting Arbitrary File Upload

XODA Document Management System 0.4.5 - Cross-Site Scripting Arbitrary File Upload Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link:...

XODA Document Management System v0.4.5 XSS & Arbitrary File Upload

Exploit for php platform in category web applications Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link:...

XODA Document Management System 0.4.5 - Cross-Site Scripting / Arbitrary File Upload

Exploit Title: XODA Document Management System Stored XSS & Arbitrary File Upload Vulnerability. Date: 21/08/2012 Exploit Author: Shai rod @NightRang3r Vendor Homepage: http://xoda.org/ Software Link: http://sourceforge.net/projects/xoda/files/xoda/xoda-0.4.5/ Version: 0.4.5 Gr33Tz: @aviadgolan ,...