Super Store Finder versions 3.3 and below suffer from a cross site scripting vulnerability.
f3054c541bd045c5e5cb66e6cb59003d
WebRTC suffers from an out-of-bounds memory write in the method RtpFrameReferenceFinder::UpdateLayerInfoH264. This occurs when updating the layer info with the frame marking extension.
8491bafa68aebbbeaeec3108e1ccc8fa
GTalk Password Finder version 2.2.1 suffers from a denial of service vulnerability.
c14df4ccfce3cc3df4cf376c17fd60d0
APKF Product Key Finder version 2.5.8.0 suffers from a denial of service vulnerability.
a4fd0d8b8387153af14854fc66c93c19
Office Product Key Finder version 1.5.4 suffers from a denial of service vulnerability.
b55838680b5f458d04d56c2eab2d5a69
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
2ccf5667a49ebd044bb81ae02729e5b6
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
f891a16b888cca25c2dab0cae098d60b
This Metasploit module exploits a command injection vulnerability in elFinder versions prior to 2.1.48. The PHP connector component allows unauthenticated users to upload files and perform file modification operations, such as resizing and rotation of an image. The file name of uploaded files is not validated, allowing shell metacharacters. When performing image operations on JPEG files, the filename is passed to the exiftran utility without appropriate sanitization, causing shell commands in the file name to be executed, resulting in remote command injection as the web server user. The PHP connector is not enabled by default. The system must have exiftran installed and in the PATH. This module has been tested successfully on elFinder versions 2.1.47, 2.1.20, and 2.1.16 on Ubuntu.
3664569f65ef2128717bd5e02f29d7b4
elFinder versions 2.1.47 and below suffer from a command injection vulnerability in the PHP connector.
3d96dc64d2bfb5653afc37faeaeccf4b
JobFinder suffers from a cross site scripting vulnerability.
d7af768a26e6fc8bfc4c7a525735dd08
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
c0b40f0fe23d8afe7095a76ef63f34b1
Joomla Com_Finder component version 4.0.0 suffers from a database disclosure vulnerability.
186354a6e3d9e945ec6f0d231330bbcf
IP Finder version 1.5 suffers from a denial of service vulnerability.
ea51ea54ea19e32d290d14376f7dfbfc
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
ba8ad461c8b30c04dcade87f6c1857cf
WordPress Service Finder Booking plugin versions prior to 3.2 suffer from a file disclosure vulnerability.
eb1fec3edda863885a9a8ece334e0246
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
e7b9a9c35661007fe5a9cb6aea8c865f
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
60f3a87102de4acdb79116ad9a744bec
Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function.
c9ce3115093bc3b8754b82603c8b2848
This Metasploit module exploits a vulnerability found in BuilderEngine 3.5.0 via elFinder 2.0. The jquery-file-upload plugin can be abused to upload a malicious file, which would result in arbitrary remote code execution under the context of the web server.
3d38091cb8623141a1878a0e108e06db
Joomla JE Property Finder component version 1.6.3 suffers from a remote SQL injection vulnerability.
4fdd9dfdcbf9397b5f2b3d74a7ff292b
Multitech RightFax Faxfinder versions prior to 4.1.2 suffer from a clear-text credential disclosure vulnerability.
0a8b01c601df546dae47c1bd0928acfc
Apache Mina 2.0.13 uses the OGNL library in the "IoSessionFinder" class. Its constructor takes one OGNL expression as a parameter, and this expression is executed when the method "find" is called. This class seems to be used only in the JMX MINA component "IoServiceMBean". When the IoServiceMBean is exposed through JMX, it is possible to abuse the function to execute an arbitrary command on the server.
6a1d15c93ad05a4e23a938523dfc618f
This Metasploit module exploits a file upload vulnerability in Tiki Wiki versions 15.1 and below which could be abused to allow unauthenticated users to execute arbitrary code under the context of the web server user. The issue comes from one of the third-party components, ELFinder version 2.0. This component comes with a default example page which demonstrates file operations such as upload, remove, rename, create directory, etc. The default configuration does not enforce validations such as file extension, content-type, etc., so an unauthenticated user can upload a PHP file. The exploit has been tested on Debian 8.x 64-bit and Tiki Wiki 15.1.
75ff5f78056283806bf48c4b08b4edfc
FinderView suffers from path traversal and cross site scripting vulnerabilities.
55e8044d9613e0998e4b943c11aa761f
The setuid root FinderLoadBundle that was included in older DropboxHelperTools versions for OS X allows loading of dynamically linked shared libraries that reside in the same directory. The directory in which FinderLoadBundle is located is owned by root, which prevents placing arbitrary files there. However, creating a hard link from FinderLoadBundle to somewhere in a directory in /tmp circumvents that protection, making it possible to load a shared library containing a payload which creates a root shell.
04b4586c44bb0dd781367933375dfb86
elFinder 2 suffers from a remote command execution vulnerability via file creation.
a0d75473632129bbc156cf95f8509bf8