PHPCollab version 2.5 suffers from an unauthenticated file upload vulnerability.
1b7459efe1a8274c10aa92fb7e82792bSecunia Security Advisory - Some vulnerabilities have been reported in the Nmedia Users File Uploader plugin for WordPress, where one has an unknown impact and the other can be exploited by malicious people to compromise a vulnerable system.
d6eb679f7a8f1bacc0e573f291a5f334OpenCart version 1.5.2.1 suffers from arbitrary file upload, HTTP response splitting, local file inclusion, path disclosure, and failed randomness vulnerabilities.
647b793cca6ece470eaafd5c3a73746cUploadify version 2.1.4 suffers from cross site scripting, arbitrary file upload, and file existence disclosure vulnerabilities.
52753f2c1a8feb0b100c32e1f44b5044WordPress Deans with Pwwangs Code plugin suffers from a FCKeditor remote file upload vulnerability.
1844a109d8d13c0c80157bc6adaabcf5The File Upload Form software from Zubrag.com suffers from a remote shell upload vulnerability.
ac44b51f23732fe4e2a43d718e1db07bWordPress Kish Guest Posting plugin version 1.0 suffers from an unrestricted file upload vulnerability.
e15c8cf373144fc972998a82d954f056SMF Portal version 1.1.16 fckeditor suffers from an arbitrary file upload vulnerability.
abf2d5dcc0f0faa2c6479c3423c3e224Secunia Security Advisory - A vulnerability has been discovered in the Simple File Upload module for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
40d8af1e5890cd4f5fca0475aeafaf3fThe Joomla Simple File Upload component version 1.3 suffers from a remote code execution vulnerability.
3b32de96b55e075fd3fbccab10f4ec4dThe SecCommerce SecSigner Java applet version 3.5.0 suffers from a client-side remote arbitrary file upload vulnerability.
97a68963b11eb9b926c5a86c12289388Zero Day Initiative Advisory 11-342 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks Asset Management. Authentication is not required to exploit this vulnerability. The flaw exists within the rtrlet component. This process listens on TCP port 8080. When handling an unauthenticated file upload the process does not properly sanitize the path. Directory traversal can be used to drop a file in an arbitrary location and a null byte inserted into the filename to provide arbitrary extension. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of SYSTEM.
713fe920d8496e71a778847fec7adc24WikkaWiki versions 1.3.2 and below suffers from remote SQL injection, unrestricted file upload, arbitrary file download, arbitrary file deletion, remote code execution and cross site request forgery vulnerabilities.
14a9bc2e9391a11cdd4ba3328235c582This Metasploit module combines two separate issues within Support Incident Tracker versions 3.65 and below to upload arbitrary data and thus execute a shell. The two issues exist in ftp_upload_file.php. The first vulnerability exposes the upload dir used to store attachments. The second vulnerability allows arbitrary file upload since there is no validation function to prevent from uploading any file type. Authentication is required to exploit both vulnerabilities.
739ddfe0d298d16369d8b7893cefd2efThis is simply a PHP shell with a bunch of features like spoofing mail, file uploads, and more.
f18d5418f6eb91321033867fb1fe68c6Microsoft Forefront Unified Access Gateway Remote Access Agent version 4.0.0.1 suffers from a remote file upload and command execution vulnerability.
e844aa7b64c5039837482007b4d67c34ABUS TVIP 11550/21550 suffers from arbitrary file read, file upload, and command execution vulnerabilities.
df7984b9951e899b6237afad1aec2dd2JAKCMS PRO versions 2.2.5 and below arbitrary file upload exploits that allows for remote command execution.
d0fe0dc1b6998414e97b326ffa5f6cd1Whitepaper explaining how PHPInfo can be used to assist with the exploitation of LFI vulnerabilities on PHP when combined with the file upload handling feature that is enabled by default.
454c805f04937f25900ebcce27432d3bSecunia Security Advisory - A vulnerability has been discovered in the Simple File Upload module for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
8b9edbd95199daca76e4de0281864902Secunia Security Advisory - A vulnerability has been discovered in the Simple File Upload module for Joomla!, which can be exploited by malicious people to compromise a vulnerable system.
bba7c2ea92c6a8d40f8a7ba96cb511e4WebsiteBaker versions 2.8.1 and below suffer from an arbitrary file upload vulnerability.
f5b26067e953b8f922422ee4a5ad20f2Check Point SSL VPN On-Demand applications suffer from remote file upload and command execution vulnerabilities.
915ad4b42aad95d83319f5a78098c1dd360 Web Manager version 3.0 suffers from arbitrary file upload, list, and deletion vulnerabilities.
6178e90d68487f8c15b333fcb35ebfcdPulseCMS Basic versions 1.3_Get.Pro and below suffers from backup disclosure, file upload, and cross site scripting vulnerabilities.
5a8e15dd404d76f6c93033ed94231ed4
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed