FlexDotnetCMS Arbitrary ASP File Upload

This module exploits an arbitrary file upload vulnerability in FlexDotnetCMS v1.5.8 and prior in order to execute arbitrary commands with elevated privileges. The module first tries to authenticate to FlexDotnetCMS via an HTTP POST request to /login. It then attempts to upload a random TXT file a...

CVE-2017-7552

A flaw was discovered in the file editor of millicore which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core installation...

CVE-2020-10114

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor SEC-535...

CVE-2020-10114

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor SEC-535...

Cross site scripting

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor SEC-535...

CVE-2020-10114

cPanel before 84.0.20 allows stored self-XSS via the HTML file editor SEC-535...

CVE-2020-10114

CVE-2020-10114 affects cPanel prior to 84.0.20. The vulnerability is described as a stored self‑XSS via the HTML file editor (SEC-535). The connected documents do not provide additional technical details such as affected components beyond the editor, exploit vectors, or concrete remediation steps...

Privilege Escalation

RHMAP file editor is vulnerable to privilege escalation attacks. An attacker could manipulate the file editor of millicore with an unknown input in order to gain elevated privileges. The attacker may then be able to perform unauthorized actions...

CVE-2018-18324

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.480 has XSS via the admin/fileManager2.php fmcurrentdir parameter, or the admin/index.php module, servicestart, servicefullstatus, servicerestart, servicestop, or file within the fileeditor parameter...

CVE-2018-18323

CentOS-WebPanel.com aka CWP CentOS Web Panel 0.9.8.480 has Local File Inclusion via directory traversal with an admin/index.php?module=fileeditor&file=/../ URI...

PT-2018-14406 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.480 Description: The issue concerns a Local File Inclusion vulnerability via directory traversal. This can be exploited through the "/admin/index.php?module=file editor&file=/../" URI, which allows access to...

CentOS Web Panel Local File Inclusion Vulnerability

CentOS Web Panel is a CentOS Lnuix system administration panel. A local file inclusion vulnerability exists in CentOS Web Panel 0.9.8.480, which can be exploited to achieve local file inclusion by traversing the directory via the admin/index.php?module=fileeditor&file=/... / URI for directory...

PT-2018-14407 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel version 0.9.8.480 Description: The issue concerns a Cross-Site Scripting XSS problem. It affects the fm current dir parameter in the "admin/fileManager2.php" endpoint, as well as the module, service start, service fullstatus,...

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway - File Manipulation

Microhard Systems 3G/4G Cellular Ethernet and Serial Gateway Arbitrary File Attacks Vendor: Microhard Systems Inc. Product web page: http://www.microhardcorp.com Affected version: IPn4G 1.1.0 build 1098 IPn3Gb 2.2.0 build 2160 IPn4Gb 1.1.6 build 1184-14 IPn4Gb 1.1.0 Rev 2 build 1090-2 IPn4Gb 1.1....

CVE-2017-7552

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core...

CVE-2017-7552

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core...

Design/Logic Flaw

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core...

CVE-2017-7552

A flaw was discovered in the file editor of millicore, affecting versions before 3.19.0 and 4.x before 4.5.0, which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core...

CVE-2017-7552

CVE-2017-7552 affects the Red Hat Mobile Application Platform (RHMAP) file editor (millicore). The flaw, in affected versions before 3.19.0 and 4.x before 4.5.0, allows files to be executed as well as created, enabling an attacker to compromise other users’ or teams’ projects stored in source con...

RHMAP Millicore IDE allows RCE on SCM

A flaw was discovered in the file editor of millicore which allows files to be executed as well as created. An attacker could use this flaw to compromise other users or teams projects stored in source control management of the RHMAP Core installation...