PHP utility belt is a set of tools for PHP developers. Install in a browser-accessible directory and have at it. ajax.php is accessible without any authentication. The vulnerable code allows an attacker to execute arbitrary code by sending a POST request with the code parameter set to the malicious code. This can be exploited to create a malicious PHP file, such as info.php, which can be used to display the PHP info page.
This module exploits a remote code execution vulnerability in phpFileManager 0.9.8 which is a filesystem management tool on a single file.
OpenMRS suffers from a file disclosure vulnerability when input passed thru the 'url' parameter to viewPortlet.htm script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks.
OpenMRS suffers from multiple stored and reflected cross-site scripting vulnerabilities when input passed via several parameters to several scripts is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
Input passed via the 'personType' parameter is not properly sanitised in the spring's expression language support via 'addPerson.htm' script before being used. This can be exploited to inject expression language (EL) and subsequently execute arbitrary Java code.
The vulnerability is caused due to an error when parsing XML entities within ZIP archives and can be exploited to e.g. disclose data from local resources or cause a DoS condition (billion laughs) via a specially crafted XML file including external entity references.
A path traversal vulnerability exists in SIMOGEO FileManager 2.3.0. An attacker can bypass the filtering rules by using '....//' to delete '../' and can access arbitrary files on the server. This can be exploited to read sensitive files such as /etc/passwd.
WinAsm Studio 5.1.8.8 is vulnerable to a buffer overflow vulnerability when a specially crafted string is passed to the DrawTextExA() function. This can be exploited to cause a denial of service condition when a maliciously crafted file is opened in the application.
Wordpress plugin Sell Download v1.0.16 is suffer from Local File Disclosure Vulnerability remote attacker can disclosure some local files.
Wordpress plugin Advanced uploader v2.10 is suffer from multiple vulnerabilities remote attacker can upload file/shell/backdoor and exec commands or disclosure some local files.
Services By CQR