PhpCollab is vulnerable to an unauthenticated php remote file inclusion, allowing attackers to execute arbitrary php code in the system.
This module exploits an arbitrary file upload in DotCMS to install an agent.
This module exploits an arbitrary file upload in Trend Micro Mobile Security for Enterprise to install an agent.
This module exploits a zip file upload directory traversal in ATutor AContent to install an agent.
This module exploits a directory traversal arbitrary file upload in Schneider Electric U.Motion Builder to install an agent.
This module uses an arbitrary file upload vulnerability in Magento eCommerce Web Sites to gain arbitrary code execution on the affected system.
Authentication is required to access the administrative panel.
Authentication is required to access the administrative panel.
This module uses a directory traversal vulnerability in the file import feature in Nuxeo Platform CMS to upload a JSP to gain arbitrary code execution on the affected system.
Authentication bypass and upload of file with dangerous type in Boonex Dolphin = 7.3.2 allows to remote unauthenticated attackers to affect integrity and availability via PHP remote file inclusion.
Report.php fails to sanitize user input data on StartingDirectory parameter when used in an include.
osCommerce Online Merchant 2.2 RC2a is vulnerable to an Arbitrary File Upload without the need to be authenticated. This leads to arbitrary PHP code execution in the context of the webserver.
This module tries to install a RFI agent if the Web Application is vulnerable. It will fail if the webserver is not allowed to write on the document root of the vulnerable web application.
This module tries to install a RFI agent if the Web Application is vulnerable. It will fail if the webserver is not allowed to write on the document root of the vulnerable web application.