Yuri Kramarz

1 exploit Active since Nov 2019
CVE-2014-1214 EXPLOITDB HIGH text WORKING POC
ProJoom Smart Flash Header < 3.0.2 - Unauthenticated Arbitrary File Upload via Crafted Dest and Filename Parameters
views/upload.php in the ProJoom Smart Flash Header (NovaSFH) component 3.0.2 and earlier for Joomla! allows remote attackers to upload and execute arbitrary files via a crafted (1) dest parameter and (2) arbitrary extension in the Filename parameter.
CVSS 8.8