CVE-2019-12792

A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root...

CVE-2019-12792

CVE-2019-12792 describes a command injection vulnerability in the UploadHandler.php component of Vesta Control Panel 0.9.8-24 , allowing a logged-in regular user to escalate privileges to root. The connected Red Hat and OSV/NVD entries confirm the same description. The documents do not provide de...

CVE-2018-10686

An issue was discovered in Vesta Control Panel 0.9.8-20. There is Reflected XSS via $REQUEST'path' to the view/file/index.php URI, which can lead to remote PHP code execution via vectors involving a fileputcontents call in web/upload/UploadHandler.php...

CVE-2014-10021

Unrestricted file upload vulnerability in UploadHandler.php in the WP Symposium plugin 14.11 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in server/php/...

WordPress Photo-Gallery Cross Site Request Forgery Vulnerability

WordPress Photo-Gallery plugin suffers from a cross site request forgery vulnerability. Note that this finding houses site-specific data. + Wordpress Cross Site Request Forgery in Plugin photo-gallery + Date: 07/05/2014 + Risk: HIGH + Author: Felipe Andrian Peixoto + Vendor Homepage:...

WordPress Photo-Gallery Cross Site Request Forgery

Wordpress Cross Site Request Forgery in Plugin photo-gallery + Date: 07/05/2014 + Risk: HIGH + Author: Felipe Andrian Peixoto + Vendor Homepage: https://wordpress.org/plugins/photo-gallery/ + Contact: [email protected] + Tested on: Windows 7 and Linux + Vulnerable File: UploadHandler.php...

Photo-Gallery <= 1.2.41 - UploadHandler.php File Upload CSRF

The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordPress plugin was affected by an UploadHandler.php File Upload CSRF security vulnerability...