Frog CMS Cross-Site Scripting Vulnerability (CNVD-2018-09306)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5. A remote attacker can exploit thi...

CMS Made Simple Physical Path Disclosure Vulnerability (CNVD-2018-09058)

CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in CMSMS 2.2.7 and...

CVE-2018-10523

CMS Made Simple CMSMS through 2.2.7 contains a physical path leakage Vulnerability via /modules/DesignManager/action.ajaxgettemplates.php, /modules/DesignManager/action.ajaxgetstylesheets.php, /modules/FileManager/dunzip.php, or /modules/FileManager/untgz.php...

Frog CMS Cross-Site Scripting Vulnerability (CNVD-2018-08549)

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5. A remote attacker can exploit the...

Frog CMS Cross-Site Scripting Vulnerability

Frog CMS is a content management system CMS developed by software developer Philippe Archambault. The system provides tools for page templates, user rights management, and document management. A cross-site scripting vulnerability exists in Frog CMS version 0.9.5. A remote attacker can exploit the...

CVE-2014-2069

Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx...

CVE-2018-9992

Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/filemanager/browse/ screen...

Arbitrary file deletion

Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/filemanager/browse/ screen...

CVE-2018-9992

Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/filemanager/browse/ screen...

B4Tm4N - PHP WEBSHELL

Features 0 File Manager 1 Sec. Info 2 Simply Database 3 Interactive terminal 4 PHP Reverse Back Connect 5 Run PHP Code 6 Custom Toolz 7 Self Script Encryptor ! Download B4Tm4N...

CVE-2018-1000094

CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload - copy to any extension...

CVE-2018-1000094

CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload - copy to any extension...

Remote code execution

CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload - copy to any extension...

CVE-2018-1000094

CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload - copy to any extension...

CVE-2018-1000094

CVE-2018-1000094 affects CMS Made Simple 2.2.5. The vulnerability is a remote code execution via the File Manager, exploitable by an authenticated administrator who can upload a file and copy/rename it to a PHP extension, enabling execution of arbitrary code on the server (e.g., via a PHP shell)....

CMS Made Simple Remote Code Execution Vulnerability (CNVD-2018-06398)

CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism , etc. File Manager is one of the file management component ....

Design/Logic Flaw

inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If a user edits the wp-config.php file using this plugin, the wp-config.php contents get added to log.txt, which is not protected and...

CVE-2018-7204

inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If a user edits the wp-config.php file using this plugin, the wp-config.php contents get added to log.txt, which is not protected and...

CVE-2018-7204

inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If a user edits the wp-config.php file using this plugin, the wp-config.php contents get added to log.txt, which is not protected and...

CVE-2018-7204

The CVE-2018-7204 issue affects the Giribaz File Manager WordPress plugin (inc/logger.php) prior to version 5.0.2. The plugin logs activity to /wp-content/uploads/file-manager/log.txt, and when a user edits wp-config.php via the plugin, the contents are written to log.txt without protection. Thes...