
65 matches found

CNNVD
added 2022/05/26 12:0 a.m. · 3 views

CSCMS Music Portal System SQL Injection Vulnerability

CSCMS Music Portal System is a diversified content management system from China Sunshine Network Technology CSCMS, Inc. A SQL injection vulnerability exists in CSCMS Music Portal System, which stems from missing validation of external input in the id parameter of /admin.php/news/admin/news/save...

CVSS 7.2 · AI score 6.1 · EPSS 0.00255
Exploits 1 · References 2
OSV
added 2021/09/15 5:15 p.m. · 1 views

CVE-2020-21126

MetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&c=index&a=doSaveInfo...

CVSS 8.8 · AI score 7.3 · EPSS 0.00202
Exploits 1 · References 1
Positive Technologies
added 2019/08/02 12:0 a.m. · 4 views

PT-2019-13736 · Openemr · Openemr

Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 5.0.2. Description: The issue allows SQL Injection in the interface/forms/eye_mag/save.php file. No information is provided about the estimated number of potentially affected devices worldwide or real-world incidents...

CVSS 9.8 · AI score 9.4 · EPSS 0.00523
Exploits 0 · References 6
CNVD
added 2018/11/26 12:0 a.m. · 1 views

JEECMS Cross-Site Request Forgery Vulnerability (CNVD-2018-26785)

JEECMS is a content management system (CMS) developed in Java by China's Jinlei technology development company. A cross-site request forgery vulnerability exists in JEECMS version 9.3. A remote attacker can exploit this vulnerability to add news with the help of...

CVSS 6.5 · AI score 6.6 · EPSS 0.00117
Exploits 1 · References 1
RedhatCVE
added 2018/11/13 4:21 p.m. · 21 views

CVE-2018-19060

An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, which will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path...

CVSS 6.5 · AI score 2.9 · EPSS 0.00147
Exploits 1 · References 2
OSV
added 2018/11/07 12:0 a.m. · 2 views

UBUNTU-CVE-2018-19060

An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, which will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path...

CVSS 6.5 · AI score 6.7 · EPSS 0.00147
Exploits 1 · References 3
OSV
added 2018/09/23 6:29 p.m. · 1 views

CVE-2018-17366

An issue was discovered in MCMS 4.6.5. There is a CSRF vulnerability that can add an administrator account via ms/basic/manager/save.do...

CVSS 8.8 · AI score 5.8 · EPSS 0.00134
Exploits 0 · References 1
OSV
added 2018/09/02 6:29 p.m. · 1 views

CVE-2018-16337

An issue was discovered in Cscms V4.1.8. There is a CSRF vulnerability that can modify a website's basic configuration via upload/admin.php/setting/save...

CVSS 6.5 · AI score 5.8 · EPSS 0.00117
Exploits 1 · References 1
OSV
added 2018/06/01 2:29 p.m. · 2 views

CVE-2018-11649

Hue 3.12 has XSS via the /pig/save/ name and script parameters...

CVSS 6.1 · AI score 5.8
Exploits 0 · References 1
OSV
added 2018/04/22 1:29 a.m. · 2 views

CVE-2018-10265

An issue was discovered in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI...

CVSS 8.8 · AI score 5.8
Exploits 0 · References 1
OSV
added 2018/01/20 12:29 a.m. · 0 views

UBUNTU-CVE-2017-15108

spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the session the agent runs in to inject arbitrary commands to be executed...

CVSS 7.8 · AI score 5.8 · EPSS 0.00143
Exploits 0 · References 2
RedhatCVE
added 2015/10/30 9:26 a.m. · 16 views

CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions...

CVSS 4.6 · AI score 7.1 · EPSS 0.00138
Exploits 0 · References 2
RedhatCVE
added 2015/10/30 9:17 a.m. · 26 views

CVE-2006-6383

PHP 5.2.0 and 4.4 allows local users to bypass safe_mode and open_basedir restrictions via a malicious path and a null byte before a ";" in a session_save_path argument, followed by an allowed path, which causes a parsing inconsistency in which PHP validates the allowed path but sets session.save_path...

CVSS 4.6 · AI score 6.9 · EPSS 0.00397
Exploits 1 · References 2
seebug.org
added 2014/07/01 12:0 a.m. · 10 views

PHP <= 5.2.1 Session.Save_Path() TMPDIR Open_Basedir Restriction Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/23183/info PHP is prone to an 'open_basedir' restriction-bypass vulnerability due to a design error. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations...

AI score 7.1
Exploits 0
NVD
added 2009/12/21 4:30 p.m. · 13 views

CVE-2009-4143

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the $_SESSION superglobal array and (2) the session.save_path directive...

CVSS 10 · AI score 6.4 · EPSS 0.07707
Exploits 1 · References 16
UbuntuCve
added 2009/12/21 12:0 a.m. · 28 views

CVE-2009-4143

PHP before 5.2.12 does not properly handle session data, which has unspecified impact and attack vectors related to (1) interrupt corruption of the $_SESSION superglobal array and (2) the session.save_path directive...

CVSS 10 · AI score 5.9 · EPSS 0.07707
Exploits 1 · References 3
seebug.org
added 2009/12/16 12:0 a.m. · 18 views

PHP session.save_path Security Bypass Vulnerability

No description provided by source...

AI score 7.1
Exploits 0
Packet Storm
added 2007/12/18 12:0 a.m. · 25 views

phprpg-sql.txt

By Michael Brooks. Vulnerability: Sql Injection and Session Information Disclosure. Homepage: http://sourceforge.net/projects/phprpg/ Version affected: 0.8.0. There are two flaws that affect this application. A nearly vanilla login bypass issue affects phprpg. If magic_quotes_gpc=off then this will log...

AI score 7.4
Exploits 0
securityvulns
added 2007/12/16 12:0 a.m. · 66 views

PHP RPG - Sql Injection and Session Information Disclosure.

By Michael Brooks. Vulnerability: Sql Injection and Session Information Disclosure. Homepage: http://sourceforge.net/projects/phprpg/ Version affected: 0.8.0. There are two flaws that affect this application. A nearly vanilla login bypass issue affects phprpg. If magic_quotes_gpc=off then this will log...

AI score 0.9
Exploits 0
UbuntuCve
added 2007/04/03 12:19 a.m. · 24 views

CVE-2007-1835

PHP 4 before 4.4.5 and PHP 5 before 5.2.1, when using an empty session save path (session.save_path), uses the TMPDIR default after checking the restrictions, which allows local users to bypass open_basedir restrictions...

CVSS 4.6 · AI score 5.9 · EPSS 0.00138
Exploits 0 · References 1