HiScout GRC Suite versions prior to 3.1.5 suffer from a file upload vulnerability. An authenticated attacker with the permission to edit or add a "WebSiteElement" to the "content" pages is able to upload any file with any file extension to the data directory of the application. This directory is in the web root and the uploaded file is executed on the server if ".aspx" is chosen as the file extension and if the file contains aspx source code. Any commands can be executed with the permissions of the web server user on the server by exploiting this vulnerability.
a35fd22828c02d235e1b374dd87de2afLiteCart version 2.1.2 suffers from a remote file upload vulnerability.
44fd0ea7d19bec8cfb7f443bc7ae5960OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted.
f671f8d4d1775a87dfdb4e245c86573aThis Metasploit module exploits an arbitrary file upload vulnerability in Responsive Thumbnail Slider Plugin v1.0 for WordPress post authentication.
be85945c5f032d73aa3ce61a1cd67566Whitepaper called File Upload Restrictions Bypass.
9d615f9f2d0f44874ac4900c33b860efWAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.10(01) suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities.
f12e1bdd6ce0d40862c5cca1957f6a1aShopNx suffers from an arbitrary file upload vulnerability.
873cfaf579555162d921b6c033b40dabIntex Router N-150 suffers from a remote arbitrary file upload vulnerability.
3f9571e629e73736e76af98281a91a9aRedaxo CMS Mediapool add-on versions prior to 5.5.1 suffer from a remote file upload vulnerability.
2ee9e258e0cbc86d2f56b93a4898abbbAppnitro MachForm suffers from remote file upload, remote SQL injection, and path traversal vulnerabilities.
b12919cc6902374a5ee31d11fbf166fdEasy File Uploader version 1.7 suffers from a remote shell upload vulnerability.
72afb65d3fa31008dd700ca8653852f9Easy File Uploader version 1.7 suffers from cross site scripting and remote SQL injection vulnerabilities.
c05bbc2ad32029b0f1334e4d15889fbbMyBiz MyProcureNet version 5.0.0 suffers from remote file upload and cross site scripting vulnerabilities.
9d259792840d984bdc75e2b482b86e96This Metasploit module exploits an authenticated file upload remote code execution vulnerability in PlaySMS version 1.4. This issue is caused by improper file contents handling in import.php (aka the Phonebook import feature). Authenticated Users can upload a CSV file containing a malicious payload via vectors involving the User-Agent HTTP header and PHP code in the User-Agent. This Metasploit module was tested against PlaySMS 1.4 on VulnHub's Dina 1.0 machine and Windows 7.
f976c4045dcaba09573750799d5fb25aThis Metasploit module exploits a code injection vulnerability within an authenticated file upload feature in PlaySMS version 1.4. This issue is caused by improper file name handling in sendfromfile.php file. Authenticated Users can upload a file and rename the file with a malicious payload. This Metasploit module was tested against PlaySMS 1.4 on VulnHub's Dina 1.0 machine and Windows 7.
2580a04744c23352ceb458505fd66e3dWatchGuard Access Points running firmware before version 1.2.9.15 suffer from hard-coded credential, hidden authentication, file upload, and incorrect validation vulnerabilities.
2ce103fc55de9e6fbe94f48a5f490449ASUSTOR ADM versions 3.1.0.RFQ3 and below chained exploit that leverages stored cross site scripting, cross site request forgery, path traversal, and file upload vulnerabilities.
a3b210023543df6ac13e213699161e0aJfrog Artifactory versions prior to 4.16 suffer from unauthenticated arbitrary file upload and remote command execution vulnerabilities.
dc65bc67fb5a4cdd39a3ef7d94a10ce6WordPress File Upload plugin version 4.3.3 suffers from a persistent cross site scripting vulnerability.
1444aa728d5ff96b90fa2afbafd41c90WordPress File Upload plugin version 4.3.2 suffers from a persistent cross site scripting vulnerability.
b07861eb4f07f3cc5cc2adf684dd60c2This Metasploit module exploits a vulnerability found in ClipBucket versions before 4.0.0 (Release 4902). A malicious file can be uploaded using an unauthenticated arbitrary file upload vulnerability. It is possible for an attacker to upload a malicious script to issue operating system commands. This issue is caused by improper session handling in /action/beats_uploader.php file. This Metasploit module was tested on ClipBucket before 4.0.0 - Release 4902 on Windows 7 and Kali Linux.
d2275d600b73e806af00c2c4d704c496OTRS versions 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1 suffer from remote code execution vulnerabilities.
ac1bc6a06bf339a083573a1b4efc681cClipBucket versions prior to 4.0.0 Release 4902 suffer from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.
5f01efc19d73b84eb391886d4efcadc7Joomla! Proclaim component version 9.1.1 suffers from a remote shell upload vulnerability.
e4b3f4730e22f3b7318737ee5628509eTejari suffers from an arbitrary file upload vulnerability.
fe73773199d81547dabdd4fe82e4b5d6
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed