CVE-2023-24114

typecho 1.1/17.10.30 was discovered to contain a remote code execution RCE vulnerability via install.php...

CVE-2023-24114

typecho 1.1/17.10.30 was discovered to contain a remote code execution RCE vulnerability via install.php...

CVE-2023-24114

typecho 1.1/17.10.30 was discovered to contain a remote code execution RCE vulnerability via install.php...

CVE-2023-24114

Typecho 1.1/17.10.30 is affected by CVE-2023-24114, a remote code execution (RCE) vulnerability via install.php. The vulnerability triggers a high-severity impact (CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) with full confidentiality, integrity, and availability impact reported. Exploitation d...

CVE-2023-24114

typecho 1.1/17.10.30 was discovered to contain a remote code execution RCE vulnerability via install.php...

SUSE CVE-2008-0123

Cross-site scripting XSS vulnerability in install.php for Moodle 1.8.3, and possibly other versions before 1.8.4, allows remote attackers to inject arbitrary web script or HTML via the dbname parameter. NOTE: this issue only exists until the installation is complete...

U.S. Dept Of Defense: Install.php File Exposure on Drupal

The install.php file on Drupal 8 or higher was left accessible after installation, potentially allowing attackers to reinstall the website and cause data loss or other issues. Additionally, an error message displayed on the website could be used to escalate privilege and access sensitive...

LibreNMS Arbitrary File Read

The installation process in LibreNMS before 2017-08-18 allows remote attackers to read arbitrary files, related to html/install.php...

CVE-2021-43479

A Remote Code Execution RCE vulnerability exists in The-Secretary 2.5 via install.php...

Remote code execution

A Remote Code Execution RCE vulnerability exists in The-Secretary 2.5 via install.php...

CVE-2021-43479

CVE-2021-43479 affects The-Secretary 2.5 and is a Remote Code Execution (RCE) via install.php. The vulnerability is documented with high/severe CVSS metrics (CVSSv3.1: 9.8, NETWORK, LOW attack complexity, NONE privileges required, NONE user interaction, high impact on confidentiality, integrity a...

CVE-2021-43479

A Remote Code Execution RCE vulnerability exists in The-Secretary 2.5 via install.php...

The-Secretary 安全漏洞

The-Secretary is a simple content management system by the Canadian mikaelstaer individual developer. The-Secretary 2.5 suffers from a security vulnerability that could lead to an RCE via install.php...

CVE-2022-25101

A vulnerability in the component /templates/install.php of WBCE CMS v1.5.2 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2020-19527

iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DBNAME parameter to install/install.php...

Design/Logic Flaw

iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DBNAME parameter to install/install.php...

CVE-2020-19142

iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DBPREFIX parameter to install/install.php...

CVE-2020-19527

iCMS 7.0.14 attackers to execute arbitrary OS commands via shell metacharacters in the DBNAME parameter to install/install.php...

idreamsoft iCMS Operating System Command Injection Vulnerability

idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in iCMS 7.0.14, which can be exploited by an attacker to install.php by executing arbitrary OS commands via shell metacharacters in the DB NAME parameter...

CVE-2020-15177

GLPI prior to 9.5.2 is vulnerable due to install/install.php storing user input into url_base/url_base_api, enabling XSS and insecure redirection without authentication; patch to 9.5.2 or later.