seeing is believing
Showing 101 - 125 of 730 RSS Feed

File Upload Files

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2
Posted Nov 13, 2015
Authored by Denis Andzakovic | Site metasploit.com

This Metasploit module exploits a vulnerability found in Uptime version 7.4.0 and 7.5.0. The vulnerability began as a classic arbitrary file upload vulnerability in post2file.php, which can be exploited by exploits/multi/http/uptime_file_upload_1.rb, but it was mitigated by the vendor. Although the mitigation in place will prevent uptime_file_upload_1.rb from working, it can still be bypassed and gain privilege escalation, and allows the attacker to upload file again, and execute arbitrary commands.

tags | exploit, web, arbitrary, php, file upload
MD5 | 1cf7b5d392550c238a65f2b9ff6d5031
WordPress Ajax Load More PHP Upload
Posted Nov 9, 2015
Authored by temp66 | Site metasploit.com

This Metasploit module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows you to upload arbitrary php files and get remote code execution. This Metasploit module has been tested successfully on WordPress Ajax Load More 2.8.0 with WordPress 4.1.3 on Ubuntu 12.04/14.04 Server.

tags | exploit, remote, arbitrary, php, code execution, file upload
systems | linux, ubuntu
MD5 | 3ccb8b1da98de9f443c1c6e265a148eb
ATutor 2.2 File Upload
Posted Nov 4, 2015
Authored by EgiX

ATutor versions 2.2 and below suffer from a remote unrestricted file upload vulnerability.

tags | exploit, remote, file upload
advisories | CVE-2014-9752
MD5 | 07499b6750c1e85829c0817d87da1937
Th3 MMA mma.php Backdoor Arbitrary File Upload
Posted Oct 27, 2015
Authored by Jay Turla | Site metasploit.com

This Metasploit module exploits Th3 MMA mma.php Backdoor which allows an arbitrary file upload that leads to arbitrary code execution. This backdoor also echoes the Linux kernel version or operating system version because of the php_uname() function.

tags | exploit, arbitrary, kernel, php, code execution, file upload
systems | linux
MD5 | 26766b958880f49852cf7d50e27b5f16
ManageEngine ServiceDesk Plus Arbitrary File Upload
Posted Oct 8, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in ManageEngine ServiceDesk Plus. The vulnerability exists in the FileUploader servlet which accepts unauthenticated file uploads. This Metasploit module has been tested successfully on versions v9 b9000 - b9102 in Windows and Linux. The MSP versions do not expose the vulnerable servlet.

tags | exploit, file upload
systems | linux, windows
MD5 | 5382da1d82ea16f8ac9e643c4b7104c2
GLPI 0.85.5 Remote Code Execution / File Upload
Posted Oct 7, 2015
Authored by Raffaele Forte

GLPI version 0.85.5 suffers from a file upload filter bypass vulnerability that allows for remote code execution.

tags | exploit, remote, code execution, bypass, file upload
MD5 | 6dfed8fd277f84d89a496e6687d4c746
ManageEngine ServiceDesk File Upload / Code Execution
Posted Oct 5, 2015
Authored by Pedro Ribeiro

ManageEngine ServiceDesk allows for remote code execution via an arbitrary file upload vulnerability. Builds prior to 9103 are affected.

tags | exploit, remote, arbitrary, code execution, file upload
MD5 | a3b912e40243bbda29c463be690630dc
Kaseya VSA uploader.aspx Arbitrary File Upload
Posted Oct 2, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits an arbitrary file upload vulnerability found in Kaseya VSA versions between 7 and 9.1. A malicious unauthenticated user can upload an ASP file to an arbitrary directory leading to arbitrary code execution with IUSR privileges. This Metasploit module has been tested with Kaseya v7.0.0.17, v8.0.0.10 and v9.0.0.3.

tags | exploit, arbitrary, code execution, asp, file upload
advisories | CVE-2015-6922
MD5 | 1ed310adae7ef7d86de486f92950fe9d
Collabtive 2.0 Shell Upload
Posted Sep 28, 2015
Authored by Arturo Rodriguez

Collabtive version 2.0 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
advisories | CVE-2015-0258
MD5 | 9c6a8438c3abf888bb1b897c4d3d293e
Mango Automation 2.6.0 File Upload / Code Execution CSRF
Posted Sep 28, 2015
Authored by LiquidWorm | Site zeroscience.mk

Mango Automation version 2.6.0 file upload and arbitrary JSP code execution cross site request forgery exploit.

tags | exploit, arbitrary, code execution, file upload, csrf
MD5 | 320696d72a2c027da67ab2d5e323901a
X2Engine 4.2 Arbitrary File Upload
Posted Sep 26, 2015
Authored by Simone Quatrini | Site portcullis-security.com

X2Engine version 4.2 suffers from a remote arbitrary file upload vulnerability.

tags | exploit, remote, arbitrary, file upload
advisories | CVE-2015-5074
MD5 | eeaf3b38473c2f83ac0af3f10346bf48
Unified Layer Shell Upload
Posted Sep 24, 2015
Authored by UmPire

Due to a server misconfiguration, customers of Unified Layer suffer from a remote shell upload vulnerability.

tags | exploit, remote, shell, file upload
MD5 | d183ce53e590f400e82e11a788c520e5
WiFi Drive CR 1.0 Script Insertion
Posted Sep 24, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

WiFi Drive CR version 1.0 suffers from a file upload vulnerability that allows for malicious script execution.

tags | exploit, file upload
MD5 | e5b0fbe95a48d4ac1579dfdbdf3eb4ac
Air Drive Plus 2.4 Arbitrary File Upload
Posted Sep 22, 2015
Authored by Benjamin Kunz Mejri | Site vulnerability-lab.com

Air Drive Plus version 2.4 suffers from an arbitrary file upload vulnerability.

tags | exploit, arbitrary, file upload
MD5 | 2d35cf61bbf4117621223ab11112f05b
Openfire 3.10.2 Arbitrary File Upload
Posted Sep 15, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

Openfire version 3.10.2 suffers from an arbitrary local file upload vulnerability.

tags | exploit, remote, file upload
MD5 | 47dd5bddd03d30a73a3cb61b81fb9673
Netsweeper Bypass / XSS / Redirection / SQL Injection / Execution
Posted Aug 11, 2015
Authored by Anastasios Monachos

This archive houses a large quantity of vulnerabilities identified in Netsweeper versions ranging from 2.6.29 through 4.0.9. These include authentication bypass, file upload and execution, cross site scripting, SQL injection, and more.

tags | exploit, vulnerability, xss, sql injection, file upload
systems | linux
advisories | CVE-2014-9605, CVE-2014-9606, CVE-2014-9607, CVE-2014-9608, CVE-2014-9609, CVE-2014-9610, CVE-2014-9611, CVE-2014-9612, CVE-2014-9613, CVE-2014-9614, CVE-2014-9615, CVE-2014-9616, CVE-2014-9617, CVE-2014-9618, CVE-2014-9619
MD5 | 15a53c60fa1f9b66d9d2524dbb56c7d4
Thomson Reuters FATCA Arbitrary File Upload
Posted Aug 8, 2015
Authored by Jakub Palaczynski

Thomson Reuters FATCA suffers from an arbitrary file upload vulnerability that can result in command execution.

tags | advisory, arbitrary, file upload
advisories | CVE-2015-5951
MD5 | 29f2d2137785ac259e5162881b3ab98a
Webfolio CMS 2.5.1 Insecure File Upload
Posted Aug 5, 2015
Authored by Sharankumar Somana

Webfolio CMS version 2.5.1 suffers from an insecure file upload vulnerability.

tags | exploit, file upload
MD5 | 0371afd7e800ab820e9b5bfc9c309804
Joomla Helpdesk Pro XSS / File Disclosure / SQL Injection
Posted Jul 21, 2015
Authored by Gregor Mynarsky, Kristian Varnai, Simon Rawet

Joomla Helpdesk Pro versions prior to 1.4.0 suffers from cross site scripting, local file disclosure, remote file upload, remote SQL injection, and insecure direct object reference vulnerabilities.

tags | exploit, remote, local, vulnerability, xss, sql injection, file inclusion, file upload
advisories | CVE-2015-4071, CVE-2015-4072, CVE-2015-4073, CVE-2015-4074, CVE-2015-4075
MD5 | 6d7a836f375efa881a6df1548d76e536
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Posted Jul 20, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. By combining both weaknesses, a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduces a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package which prevents the vulnerability from being exploited.

tags | exploit, java, remote, code execution, file upload
systems | linux, windows
advisories | CVE-2015-2995
MD5 | b2b30aee5fd7308ee7075ec1ccc2c93a
SysAid Help Desk Administrator Portal Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk. The vulnerability exists in the ChangePhoto.jsp in the administrator portal, which does not handle correctly directory traversal sequences and does not enforce file extension restrictions. You need to have an administrator account, but there is a Metasploit auxiliary module that can create one for you. This Metasploit module has been tested in SysAid v14.4 in both Linux and Windows.

tags | exploit, file upload
systems | linux, windows
advisories | CVE-2015-2994
MD5 | 7b56518cd88728ae118a9c8c4346e802
SysAid Help Desk 'rdslogs' Arbitrary File Upload
Posted Jul 17, 2015
Authored by Pedro Ribeiro | Site metasploit.com

This Metasploit module exploits a file upload vulnerability in SysAid Help Desk v14.3 and v14.4. The vulnerability exists in the RdsLogsEntry servlet which accepts unauthenticated file uploads and handles zip file contents in a insecure way. Combining both weaknesses a remote attacker can accomplish remote code execution. Note that this will only work if the target is running Java 6 or 7 up to 7u25, as Java 7u40 and above introduce a protection against null byte injection in file names. This Metasploit module has been tested successfully on version v14.3.12 b22 and v14.4.32 b25 in Linux. In theory this module also works on Windows, but SysAid seems to bundle Java 7u40 and above with the Windows package which prevents the vulnerability from being exploited.

tags | exploit, java, remote, code execution, file upload
systems | linux, windows
advisories | CVE-2015-2995
MD5 | b51dc42c6747ed2d019da4db53bb0bc4
AjaxControlToolkit File Upload Directory Traversal
Posted Jul 14, 2015
Authored by Brian Cardinale

The AjaxControlToolkit prior to version 15.1 has a file upload directory traversal vulnerability which on a poorly configured web server can lead to remote code execution.

tags | advisory, remote, web, code execution, file upload
advisories | CVE-2015-4670
MD5 | 59f45e703f5fbb90b27270107d19932b
WordPress WP-PowerPlayGallery 3.3 File Upload / SQL Injection
Posted Jul 14, 2015
Authored by Larry W. Cashdollar

WordPress WP-PowerPlayGallery plugin version 3.3 suffers from remote file upload and remote SQL injection vulnerabilities.

tags | exploit, remote, vulnerability, sql injection, file upload
MD5 | 1144fa45fbb8e9bc98c05f2a6c450935
phpSQLiteCMS CSRF / XSS / Privilege Escalation / File Upload
Posted Jul 13, 2015
Authored by hyp3rlinx | Site hyp3rlinx.altervista.org

phpSQLiteCMS suffers from cross site request forgery, cross site scripting, arbitrary file upload, and privilege escalation vulnerabilities.

tags | exploit, arbitrary, vulnerability, xss, sql injection, file upload, csrf
MD5 | 8f27a4b84b6ffbd88f2e31971e851b10
Page 5 of 30
Back34567Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    6 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close