23 matches found
CVE-2020-12838
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php...
CVE-2025-64216
CVE-2025-64216 is a Local File Inclusion vulnerability in WordPress theme SmartMag (versions
EUVD-2018-8198
Malware in sbrugna...
EUVD-2006-2905
Malware in sbrugna...
EUVD-2021-1681
Malware in sbrugna...
EUVD-2015-5594
Malware in sbrugna...
EUVD-2017-16348
Malware in sbrugna...
EUVD-2006-5070
Malware in sbrugna...
EUVD-2020-6226
Malware in sbrugna...
EUVD-2022-42765
Malicious code in bioql PyPI...
CVE-2020-12839
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php...
PT-2024-13351 · Vtiger · Vtiger Crm
Name of the Vulnerable Software and Affected Versions: Vtiger CRM version 7.5.0 Description: The issue allows a remote authenticated attacker to run arbitrary PHP code because an unprotected endpoint allows them to write this code to the config.inc.php file, which is executed on every page load...
Remote Code Execution (RCE)
October CMS is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of PHP code int he template markup allowing an attacker with "create, modify and delete website pages" privileges to inject maliciously crafted PHP code...
Privilege escalation
ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php...
PlaySms 1.4 Remote Code Execution
Exploit Title: PlaySMS 1.4 Code Execution using $filename and Unrestricted File Upload in sendfromfile.php Date: 14-05-2017 Software Link: https://playsms.org/download/ Version: 1.4 Exploit Author: Touhid M.Shaikh Contact: http://twitter.com/touhidshaikh22 Website: http://touhidshaikh.com/...
CVE-2014-5194
Static code injection vulnerability in admin/admin.php in Sphider 1.3.6 allows remote authenticated users to inject arbitrary PHP code into settings/conf.php via the wordupperbound parameter...
JE Messenger 1.0 Arbitrary file upload vulnerability-vulnerability warning-the black bar safety net
Publishing author: Salvatore Fresta aka Drosophila Official website: joomlaextensions. co. in Vulnerability type: file upload Vulnerability Description: The program save the function in an error, the compose.php allows to registered users to upload with any file extension. For a valid file...
CVE-2007-5693
Eval injection vulnerability in the translation module translator.php in SiteBar 3.3.8 allows remote authenticated users to execute arbitrary PHP code via the edit parameter in an upd cmd action, a different vulnerability than CVE-2007-5492...
PLS-Bannieres 1.21 (bannieres.php) File Include
PLS-Bannieres 1.21 bannieres.php File Include Source Code: ftp://ftp1.comscripts.com/PHP/1959ban01-01.zip Vulnerable Code: modules/bannieres/bannieres.php In Line 13 : include "$chemin/includes/connexion.php" ; Exploit :...
CVE-2006-4433
PHP before 4.4.3 and 5.x before 5.1.4 does not limit the character set of the session identifier PHPSESSID for third party session handlers, which might make it easier for remote attackers to exploit other vulnerabilities by inserting PHP code into the PHPSESSID, which is stored in the session...