Lucene search
K

67 matches found

NVD
NVD
added 2019/03/11 1:29 a.m.22 views

CVE-2019-9651

An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the checkbad function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions such as "eval" are blocked but others such as "system" are not, and...

9.8CVSS9.7AI score0.02564EPSS
Exploits1References1
Prion
Prion
added 2019/03/11 1:29 a.m.16 views

Code injection

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...

6.8CVSS8.9AI score0.00614EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/03/11 1:29 a.m.18 views

Code injection

An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the checkbad function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions such as "eval" are blocked but others such as "system" are not, and...

7.5CVSS9.6AI score0.02564EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2019/03/11 1:29 a.m.3 views

CVE-2019-9651

An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the checkbad function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions such as "eval" are blocked but others such as "system" are not, and...

9.8CVSS7.4AI score0.02564EPSS
Exploits1References1
OSV
OSV
added 2019/03/11 1:29 a.m.5 views

CVE-2019-9652

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...

8.8CVSS7.4AI score0.00614EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/03/11 1:0 a.m.24 views

CVE-2019-9652

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...

9AI score0.00614EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/03/11 1:0 a.m.21 views

CVE-2019-9651

An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the checkbad function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions such as "eval" are blocked but others such as "system" are not, and...

9.7AI score0.02564EPSS
Exploits1References1
CVE
CVE
added 2019/03/11 1:0 a.m.43 views

CVE-2019-9651

CVE-2019-9651 pertains to SDCMS v1.7, where the check_bad() filtering in the file \app\admin\controller\themecontroller.php is insufficiently strict. This allows PHP code execution because dangerous functions (e.g., eval) are blocked while others (e.g., system) are not, and because blocking ".php...

9.8CVSS9.6AI score0.02564EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/03/11 1:0 a.m.40 views

CVE-2019-9652

SDCMS V1.7 contains a CSRF leading to PHP code injection via an m=admin&c=theme&a=edit request. The vulnerable component is the file handling (filename via the file parameter and content via t2), enabling remote code execution within the CMS. Concrete details across sources confirm the attack vec...

8.8CVSS8.9AI score0.00614EPSS
Exploits1References1Affected Software1
CNVD
CNVD
added 2019/03/11 12:0 a.m.10 views

SDCMS PHP Code Execution Vulnerability

Smoke and Fire Network Technology SDCMS is a PHP and MySQL based enterprise station building content management system CMS by China Smoke and Fire Network Technology. A code injection vulnerability exists in the appadmincontroller hemecontroller.php file in version 1.7 of Smoke and Fire Web...

9.8CVSS7.8AI score0.02564EPSS
Exploits1References1
CNVD
CNVD
added 2018/12/03 12:0 a.m.2 views

Parallel Override Vulnerability in SDCMS v1.6

SDCMS era website information management system is a product of Suzhou Fireworks Network Technology Co., Ltd. to asp + access for the development of the portal system. SDCMS v1.6 has a parallel override vulnerability. Attackers can use the vulnerability to illegally modify the user release...

6.7AI score
Exploits0
Prion
Prion
added 2018/11/29 9:29 p.m.17 views

Directory traversal

app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded note that base64 encoding, instead of URL encoding, is very rare in a...

5CVSS7.5AI score0.02024EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2018/11/29 9:29 p.m.19 views

CVE-2018-19748

app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded note that base64 encoding, instead of URL encoding, is very rare in a...

7.5CVSS7.6AI score0.02024EPSS
Exploits1References2
OSV
OSV
added 2018/11/29 9:29 p.m.5 views

CVE-2018-19748

app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded note that base64 encoding, instead of URL encoding, is very rare in a...

7.5CVSS5.8AI score0.02024EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/11/29 9:0 p.m.21 views

CVE-2018-19748

app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded note that base64 encoding, instead of URL encoding, is very rare in a...

7.6AI score0.02024EPSS
Exploits1References2
CVE
CVE
added 2018/11/29 9:0 p.m.43 views

CVE-2018-19748

CVE-2018-19748 – affected software : SDCMS 1.6, vulnerability in app/plug/attachment/controller/admincontroller.php. Issue : directory traversal via a vulnerable request to /?m=plug&c=admin&a=index&p=attachment&root=, where the root parameter must be base64 encoded. Impact : reading arbitrary fil...

7.5CVSS7.5AI score0.02024EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2018/11/25 8:29 p.m.36 views

Code injection

An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a checkbad function in an attempt to block certain PHP functions such as eval, but does not prevent use of pregreplace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin...

6.5CVSS8.9AI score0.02917EPSS
Exploits1References2Affected Software2
ATTACKERKB
ATTACKERKB
added 2018/11/25 8:29 p.m.5 views

CVE-2018-19520

An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a checkbad function in an attempt to block certain PHP functions such as eval, but does not prevent use of pregreplace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin...

8.8CVSS6.2AI score0.02917EPSS
Exploits1References3
NVD
NVD
added 2018/11/25 8:29 p.m.44 views

CVE-2018-19520

An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a checkbad function in an attempt to block certain PHP functions such as eval, but does not prevent use of pregreplace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin...

8.8CVSS8.9AI score0.02917EPSS
Exploits1References2
OSV
OSV
added 2018/11/25 8:29 p.m.31 views

CVE-2018-19520

An issue was discovered in SDCMS 1.6 with PHP 5.x. app/admin/controller/themecontroller.php uses a checkbad function in an attempt to block certain PHP functions such as eval, but does not prevent use of pregreplace 'e' calls, allowing users to execute arbitrary code by leveraging access to admin...

8.8CVSS7.8AI score
Exploits0References2
Rows per page
Query Builder