Lucene search
K

97 matches found

CNVD
CNVD
added 2019/08/27 12:0 a.m.2 views

WordPress wp-file-upload plugin code issue vulnerability (CNVD-2019-30994)

WordPress is a set of blogging platform developed by WordPress Foundation using PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-file-upload is a file upload plugin used in it. A code issue vulnerability exists in the WordPress wp-file-upload plugin,...

7.5CVSS7AI score0.01389EPSS
Exploits0References1
CNVD
CNVD
added 2019/07/27 12:0 a.m.1 views

Pluck CMS suffers from a file upload vulnerability

Pluck CMS is a content management system CMS written in php. Pluck CMS suffers from a file upload vulnerability that can be exploited by an attacker to gain control of the web server...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2019/04/04 12:0 a.m.5 views

The vulnerability of the imap_mail function in the PHP programming language allows a hacker to cause a service failure.

The vulnerability of the imapmail function in the PHP programming language is related to errors in handling empty strings in message arguments. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.5CVSS6.8AI score0.07065EPSS
Exploits0References4Affected Software2
CNVD
CNVD
added 2019/03/08 12:0 a.m.1 views

File Upload Vulnerability in metinfo Mito System

metinfo mito system is an enterprise website management system with PHP Mysql architecture. A file upload vulnerability exists in metinfo Mito System, which can be exploited by attackers to upload arbitrary files...

7.2AI score
Exploits0
CNVD
CNVD
added 2019/03/06 12:0 a.m.2 views

Code Execution Vulnerabilities in PHP Version of Rookie Enterprise Website System Backend

Rookie enterprise website system PHP version is a PHP enterprise website system. Code execution vulnerability exists in the backend of Rookie Enterprise Website System PHP Edition. Allow attackers to execute commands and gain server privileges...

7.7AI score
Exploits0
CNVD
CNVD
added 2018/11/26 12:0 a.m.3 views

SDCMS Arbitrary Code Execution Vulnerability

SDCMS is a PHP and MySQL based enterprise station building content management system CMS from China Fireworks Network Technology Company. A security vulnerability exists in SDCMS version 1.6, which uses PHP version 5.x. The vulnerability can be exploited to execute arbitrary code by accessing the...

8.8CVSS8.9AI score0.02917EPSS
Exploits1References1
CNVD
CNVD
added 2018/10/29 12:0 a.m.0 views

catfish blog cross-site scripting vulnerability

Catfish blog is a set of open source blog system developed using the PHP language . A cross-site scripting vulnerability exists in Catfish blog version 2.0.33. A remote attacker can exploit this vulnerability to inject code...

5.4CVSS5.4AI score0.00556EPSS
Exploits1References1
CNVD
CNVD
added 2018/10/26 12:0 a.m.1 views

DedeCMS has information leakage vulnerability

Dream Content Management System DedeCMS is a PHP open source website management system. An information disclosure vulnerability exists in DedeCMS. An attacker can exploit the vulnerability to obtain sensitive user information that is publicly available on some websites...

6.2AI score
Exploits0
CNVD
CNVD
added 2018/03/12 12:0 a.m.2 views

Random multifunctional message board cms has XSS vulnerability

Random Multifunctional Message Board is a multifunctional message board system developed by php+MySQL. Casual multifunctional message board cms there are XSS vulnerabilities , attackers can exploit the vulnerability to obtain sensitive information such as user cookies...

6.1AI score
Exploits0
CNVD
CNVD
added 2017/01/16 12:0 a.m.4 views

MC Documentation Creator SQL Injection Vulnerability

MC Documentation Creator is a PHP document creation script . A SQL injection vulnerability exists in MC Documentation Creator. Due to poor parameter filtering in this PHP script, an attacker can exploit the vulnerability to obtain sensitive data...

7.9AI score
Exploits0References1
CNVD
CNVD
added 2016/03/18 12:0 a.m.3 views

PHP has an unspecified vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

7.1CVSS8.4AI score0.03146EPSS
Exploits0References1
OSV
OSV
added 2015/06/17 12:0 a.m.4 views

UBUNTU-CVE-2015-4598

PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls 1 a DOMDocument save method or 2 the GD imagepsloadfont function...

6.5CVSS7.1AI score0.03917EPSS
Exploits0References3
CNVD
CNVD
added 2014/12/18 12:0 a.m.3 views

Metinfo File Inclusion Vulnerability

MetInfo is an enterprise website management system with PHP Mysql architecture. A file inclusion vulnerability exists in the MetInfo system. An attacker can exploit this vulnerability to execute arbitrary php code...

7.5AI score
Exploits0
OSV
OSV
added 2014/08/23 1:55 a.m.2 views

DEBIAN-CVE-2014-3587

Integer overflow in the cdfreadpropertyinfo function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service application crash via a crafted CDF file. NOTE: this vulnerability exists becaus...

4.3CVSS7.1AI score0.20237EPSS
Exploits1References1
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.124 views

[waraxe-2012-SA#083] - Multiple Vulnerabilities in Uploadify 2.1.4

waraxe-2012-SA083 - Multiple Vulnerabilities in Uploadify 2.1.4 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-83.html Description of vulnerable software:...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.99 views

[waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0

waraxe-2012-SA082 - File Existence Disclosure in Uploadify 3.0.0 =============================================================================== Author: Janek Vind "waraxe" Date: 05. April 2012 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-82.html Description of vulnerable software:...

0.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/01/13 6:5 p.m.5 views

PHP: resource exhaustion attack via upload requests with lots of files

PHP before 5.2.12 and 5.3.x before 5.3.1 does not restrict the number of temporary files created when handling a multipart/form-data POST request, which allows remote attackers to cause a denial of service resource exhaustion, and makes it easier for remote attackers to exploit local file inclusi...

5CVSS5.9AI score0.12041EPSS
Exploits0References4
Rows per page
Query Builder