
50 matches found

CNVD
added 2018/03/06 12:0 a.m., 1 view

Arbitrary File Editing Vulnerability in Light CMS Version 1.7

Light CMS is an intelligent website building system built on a PHP+MySQL environment. Light CMS version 1.7 contains an arbitrary file editing vulnerability. The vulnerability stems from the fact that neither the path of the file to be modified nor the content to be written to the file is filtered, the attacker ca...

7 AI score
Exploits 0
Prion
added 2017/11/17 2:29 a.m., 21 views

Design/Logic Flaw

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server...

7.5 CVSS, 9.3 AI score, 0.00411 EPSS
Exploits 0, References 1, Affected Software 1
NVD
added 2017/11/17 2:29 a.m., 10 views

CVE-2017-1000197

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server...

9.8 CVSS, 9.4 AI score, 0.00411 EPSS
Exploits 0, References 1
OSV
added 2017/11/17 2:29 a.m., 10 views

CVE-2017-1000197

October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating malicious files on the server...

9.8 CVSS, 6.8 AI score
Exploits 0, References 1
CVE
added 2017/11/17 2:0 a.m., 50 views

CVE-2017-1000197

CVE-2017-1000197 affects October CMS 1.x build 412, where the asset move function allows file path modification, enabling creation of malicious files on the server. Root cause centers on insecure path handling during asset operations. NVD metrics show CVSSv2 7.5 (HIGH) and CVSSv3 9.8 (CRITICAL) w...

9.8 CVSS, 9.4 AI score, 0.00411 EPSS
Exploits 0, References 1, Affected Software 1
CNVD
added 2017/11/17 12:0 a.m., 1 view

October CMS File Path Modification Vulnerability

OctoberCMS is a CMS based on the Laravel PHP development framework. A file path modification vulnerability exists in the asset movement feature of October CMS build 412. An attacker can exploit this vulnerability to create malicious files on the server...

9.8 CVSS, 7 AI score, 0.00411 EPSS
Exploits 0, References 1
UbuntuCve
added 2012/11/24 8:55 p.m., 20 views

CVE-2012-2244

Mahara 1.4.x before 1.4.5 and 1.5.x before 1.5.4 allows remote authenticated administrators to execute arbitrary programs by modifying the path to clamav. NOTE: this can be exploited without authentication by leveraging CVE-2012-2243...

6 CVSS, 6.1 AI score, 0.00353 EPSS
Exploits 0, References 3
myhack58
added 2010/04/14 12:0 a.m., 19 views

Le tour travel site management system v1.7.3 0day - vulnerability warning - the black bar safety net

Author: Lan3a First: The administrator directory under AdminPassod.asp !-- include file="../Include/conn.asp" - !-- include file="../Include/md5.asp" - % select case request.QueryString"Action" case "ModifyPass" SaveNewPass case else end select set rs = server.createobject"adodb.recordset"...

Exploits 0
OpenVAS
added 2009/03/20 12:0 a.m., 14 views

Fedora Core 10 FEDORA-2009-2651 (pdfjam)

The remote host is missing an update to pdfjam announced via advisory FEDORA-2009-2651. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the...

6.9 CVSS, 6.4 AI score, 0.00168 EPSS
Exploits 1, References 2
NVD
added 2002/12/31 5:0 a.m., 7 views

CVE-2002-2221

Untrusted search path vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and earlier allows local users to gain privileges via a modified PATH that references a malicious cp binary. NOTE: this issue might overlap CVE-2006-6639...

6.2 CVSS, 6.4 AI score, 0.00058 EPSS
Exploits 0, References 3