October CMS builds 465 and below suffer from arbitrary file read, arbitrary file deletion, file uploading to arbitrary locations, persistent and reflective cross site scripting, and CSV injection vulnerabilities.
a79e40ac7fff8141301027b2d8a73d91This Metasploit module exploits a arbitrary file upload vulnerability within the Baldr stealer malware control panel. Attackers can turn this vulnerability into remote code execution by adding malicious PHP code inside the victim logs ZIP file and registering a new bot to the panel by uploading the ZIP file under the logs directory. On versions 3.0 and 3.1 victim logs are ciphered by a random 4 byte XOR key. This exploit module retrieves the IP specific XOR key from panel gate and registers a new victim to the panel with adding the selected payload inside the victim logs.
3aee05fb3bfa3e3eb0452ce7bbf7bdfbSocket.io-file versions 2.0.31 and below suffer from an arbitrary file upload vulnerability.
036513b2828cb0405115bfde1a5912eeLibreHealth version 2.0.0 authentication remote code execution exploit that leverages file upload.
fdb429c0607ceadf1536570f0e8ac8d9WonderCMS versions 3.1.0 and below suffer from directory traversal, persistent cross site scripting, and file upload vulnerabilities.
c87a3407d183c31bf41f5245e885cf76Webtareas versions 2.1 and 2.1p suffer from unauthenticated file uploads that allow for remote code execution and expose directory listings.
411b5ebef9a23a0632621a466851bcb3This Metasploit module exploits an arbitrary file upload vulnerability together with a directory traversal flaw in ATutor versions 2.2.4, 2.2.2 and 2.2.1 in order to execute arbitrary commands.
09ec42ff94266d8b91d8385b7c530d7bOnline Student Enrollment System version 1.0 suffers from an unauthenticated arbitrary file vulnerability.
82d4e855a4f70039fa7c52673309699cSmarterMail 16 suffers from an arbitrary file upload vulnerability.
72450c5aaab572c56de94f8bfdb91744Whitepaper called Exploiting Unrestricted File Upload via Plugin Uploader in WordPress.
82ef663315bfdc3aa371270f39bd15b1This Metasploit module exploits a file upload feature of Drag and Drop Multi File Upload - Contact Form 7 for versions prior to 1.3.4. The allowed file extension list can be bypassed by appending a %, allowing for php shells to be uploaded. No authentication is required for exploitation.
8741d1320b67d5240a0da5c63f0f5065WordPress Drag and Drop File Upload Contact Form plugin version 1.3.3.2 suffers from a remote shell upload vulnerability.
415c8b9b89531c519f109fc5a2a6d49fqdPM version 9.1 suffers from an arbitrary file upload vulnerability.
c0684c8ac1441ffc8176dc2bad26f3b4CuteNews version 2.1.2 suffers from a remote shell upload vulnerability.
854221f3da517dea5c1d414090b7e5dfKartris version 1.6 suffers from an arbitrary file upload vulnerability.
3fb1d8c04e9f6ea8b0c57bde2a354ab3Online Clothing Store version 1.0 suffers from an arbitrary file upload vulnerability.
e1d15cf29f3926087b0d7678c38153dfHardDrive version 2.1 for iOS suffers from an arbitrary file upload vulnerability.
695c62431428b0200073ffddb04b953aGigamon GigaVUE version 5.5.01.11 suffers from directory traversal and file upload with command execution vulnerabilities. Gigamon has chosen to sunset this product and not offer a patch.
0fcc796a695117342acf0f72ae2515deOpen-AudIT version 3.2.2 suffers from OS command injection, arbitrary file upload, and remote SQL injection vulnerabilities.
7ea2efd5fece16f023d6a11fbc170dd9PHP-Fusion version 9.03.50 suffers from an arbitrary file upload vulnerability.
e36604a9b6dcdb3914f2f4ead087df72Air Sender version 1.0.2 for iOS suffers from an arbitrary file upload vulnerability.
1be8fe922a7c416f5c4ef8ecbdd3f758Playable version 9.18 for iOS suffers from script insertion and arbitrary file upload vulnerabilities.
69db8a47fd6bb84d9111eb838cd1a7a7Ubuntu Security Notice 4330-1 - It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. It was discovered that PHP incorrectly handled certain PHAR archive files. An attacker could possibly use this issue to access sensitive information. It was discovered that PHP incorrectly handled certain EXIF files. An attacker could possibly use this issue to access sensitive information or cause a crash. Various other issues were also addressed.
0fda62773a60658789b8a8c4895924f6WordPress Event-Registration plugin version 5.43 suffers from an arbitrary file upload vulnerability.
279cd9d30da9f9ede81e18d63144ff44Joomla GMapFP component version 3.30 suffers from an arbitrary file upload vulnerability.
ff385678ff3635685901b5f601407cc8
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed