all things security
Showing 1 - 11 of 11 RSS Feed

Files

SWFUpload 2.5.0 Beta 3 Shell Upload
Posted Feb 7, 2011
Authored by Daniel Godoy

SWFUpload version 2.5.0 Beta 3 suffers from an arbitrary shell upload vulnerability.

tags | exploit, arbitrary, shell
MD5 | 69e51c9a34ac009b550f3b21fc100dac

Related Files

SWFupload 2.5.0 Cross Frame Scripting
Posted Jan 25, 2015
Authored by MindCracker | Site vulnerability-lab.com

SWFupload version 2.5.0 suffers from a cross frame scripting vulnerability.

tags | exploit
MD5 | 360de29ebabeadefe4d8b3d49b4d8242
litepublisher 5.72 Cross Site Scripting
Posted Mar 19, 2014
Authored by Hossein Hezami

litepublisher version 5.72 suffers from a cross site scripting vulnerability due to embedding a vulnerable version of swfupload.swf.

tags | exploit, xss
MD5 | 8c351836eee959b9c827e1a1877fc72f
Mandriva Linux Security Advisory 2013-189
Posted Jul 2, 2013
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2013-189 - A denial of service flaw was found in the way Wordpress, a blog tool and publishing platform, performed hash computation when checking password for password protected blog posts. A remote attacker could provide a specially-crafted input that, when processed by the password checking mechanism of Wordpress would lead to excessive CPU consumption. Inadequate SSRF protection for HTTP requests where the user can provide a URL can allow for attacks against the intranet and other sites. This is a continuation of work related to which was specific to SSRF in pingback requests and was fixed in 3.5.1. Inadequate checking of a user's capabilities could allow them to publish posts when their user role should not allow for it; and to assign posts to other authors. Inadequate escaping allowed an administrator to trigger a cross-site scripting vulnerability through the uploading of media files and plugins. The processing of an oEmbed response is vulnerable to an XXE. If the uploads directory is not writable, error message data returned via XHR will include a full path to the directory. Content Spoofing in the MoxieCode MoxiePlayer project. Cross-domain XSS in SWFUpload.

tags | advisory, remote, web, denial of service, spoof, xss
systems | linux, mandriva
advisories | CVE-2013-2173, CVE-2013-2199, CVE-2013-2200, CVE-2013-2201, CVE-2013-2202, CVE-2013-2203, CVE-2013-2204, CVE-2013-2205
MD5 | 72722938515381873f84bbd819def4b7
SWFUpload CSRF / XSS / Object Injection
Posted Apr 18, 2013
Authored by KedAns-Dz

SWFUpload suffers from cross site scripting, cross site request forgery, and object injection vulnerabilities.

tags | exploit, vulnerability, xss, csrf
MD5 | c0eb003ec5c6e9aacc4023925ab89cf0
SWFUpload Content Spoofing / Cross Site Scripting
Posted Mar 10, 2013
Authored by MustLive

SWFUpload suffers from cross site scripting and content spoofing vulnerabilities.

tags | advisory, spoof, vulnerability, xss
MD5 | da7c66ce051b9c9c696ef302616a44bc
SWF Upload f10 / f11 Cross Site Scripting
Posted Nov 25, 2012
Authored by MustLive

swfupload_f10.swf and swfupload_f11.swf both suffer from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | 61ebceb5e232674822caea26d5a36ea6
swfupload_f8.swf Cross Site Scripting
Posted Nov 21, 2012
Authored by MustLive

swfupload_f8.swf suffers from a cross site scripting vulnerability. Affected systems are TinyMCE, Squeeze Documents for SPIP, Upload Manager for Radiant CMS, AionWeb, Liferay Portal (Community Edition, which earlier was called Standard Edition, and Enterprise Edition), SurgeMail, and symfony.

tags | exploit, xss
MD5 | fc2153033bdfe782f1329e95b4ce1f9c
SWF Upload Cross Site Scripting
Posted Nov 13, 2012
Authored by MustLive

Dotclear, InstantCMS, AionWeb, and Dolphin all include a version of swfupload.swf that suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2012-3414
MD5 | 507ff88c04b6509a0bf77b82a52f0725
WordPress 3.3.1 swfupload.swf Cross Site Scripting
Posted Nov 9, 2012
Authored by MustLive

WordPress versions 2.5 through 3.3.1 suffer from a cross site scripting vulnerability in swfupload.swf.

tags | exploit, xss
MD5 | 9650c6910dc578fd55a4d701d797a1e2
Secunia Security Advisory 49651
Posted Jun 29, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in swfupload, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | 255922ee17714e90d4cf921190705ac2
Joomla Simple SWFUpload 2.0 Shell Upload
Posted Jun 12, 2012
Authored by Sammy FORGIT

Joomla Simple SWFUpload component version 2.0 suffers from a remote shell upload vulnerability.

tags | exploit, remote, shell
MD5 | fd68f638bc278effe72ee5636b726918
Page 1 of 1
Back1Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close