Merge + Minify + Refresh < 1.10.7 - Authenticated Arbitrary File Delete
The plugin relied on the isadmin check, without checking the user's capabilities, when deleting arbitrary files. The functionality was also vulnerable to Cross-Site Request Forgery (CSRF), allowing attackers to delete arbitrary files by tricking authenticated users into visiting a page they...
CVE-2019-20221
In Support Incident Tracker (SiT!) 3.67, the Load Plugins input on the config.php page is affected by XSS. The XSS payload is, for example, executed on the about.php page...
CVE-2019-20222
In Support Incident Tracker (SiT!) 3.67, the Short Application Name and Application Name inputs on the config.php page are affected by XSS...
CVE-2019-20221
CVE-2019-20221 affects Support Incident Tracker (SiT!) version 3.67. The vulnerability is a Cross-Site Scripting (XSS) in the “Load Plugins” input on the config.php page, with the payload potentially executed on pages such as about.php. Multiple sources corroborate the issue across CVE records an...
CVE-2019-20222
The CVE-2019-20222 entry affects Support Incident Tracker (SiT!) version 3.67, where the Short Application Name and Application Name fields in the config.php page are vulnerable to cross-site scripting (XSS). Multiple connected sources (NVD entry and Red Hat security advisory) confirm the issue a...
CVE-2019-16867
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/database/ajax?action=delete, a similar issue to CVE-2018-16774. If the attacker deletes config.php and visits install/index.php, they can reinstall the product...
CVE-2016-10960
The wsecure plugin before 2.4 for WordPress has remote code execution via shell metacharacters in the wsecure-config.php publish parameter...
Advanced Access Manager < 5.9.9 - Arbitrary File Access/Download
Advanced Access Manager before Version 5.9.9 allows reading arbitrary files without checking whether a user is allowed to read the given file. This way one can download the wp-config.php file and get access to the database, which is publicly reachable on many servers. PoC...
CVE-2019-14746
An issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...
Cross site request forgery (csrf)
Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CSRF to change a user password...
CVE-2019-14346
CVE-2019-14346 affects Schben Adive 2.0.7. The vulnerability is a Cross-Site Request Forgery in Internal/Views/config.php that allows an admin/config CSRF to change a user password due to insufficient validation of request origin. Root cause stated as Web application not adequately validating tru...
CVE-2018-15892
CVE-2018-15892 affects FreePBX 13 and 14, with SQL injection in the DISA module via the hangup variable on the /admin/config.php?display=disa&view=form page. Root cause: unsafely constructed SQL in the DISA form handling. Impact: confidentiality, integrity, and availability potentially affected (...
Nextcloud: In Dockerized Environments, Failing to Read config.php Grants Any Anonymous User Full Admin Access
Consider this deployment:
- Nextcloud is already installed in a Dockerized environment.
- There are two Nextcloud containers running in the environment.
- Both containers share the same MySQL database.
- Both containers share the same data /var/www/html/data and config /var/www/html/config via...