23 matches found
CVE-2023-53869
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server...
CVE-2023-53869
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server...
CVE-2023-53869
WEBIGniter 28.7.23 contains an authenticated file upload vulnerability in the media function that enables remote code execution by uploading PHP scripts. Multiple sources (NVD entry, Red Hat CVE page, ENISA EUVD, CVE-list, CNA metadata and PT-2025-51287) confirm that any valid account can leverag...
CVE-2023-53869 WEBIGniter 28.7.23 Unrestricted File Upload Remote Code Execution
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server...
CVE-2023-53869 WEBIGniter 28.7.23 Unrestricted File Upload Remote Code Execution
WEBIGniter 28.7.23 contains a file upload vulnerability that allows authenticated attackers to upload and execute dangerous PHP files through the media function. Attackers can leverage any created account to upload malicious PHP scripts that enable remote code execution on the application server...
PT-2025-51287
Name of the Vulnerable Software and Affected Versions WEBIGniter version 28.7.23 Description The software contains a file upload issue that permits authenticated attackers to upload and execute malicious PHP files via the media function. An attacker with any valid account can upload PHP scripts,...
WEBIGniter 代码问题漏洞
WEBIGniter is a content management system from WEBIGniter, Inc. A code issue vulnerability exists in WEBIGniter version 28.7.23, which stems from a file upload vulnerability in the media feature that could lead to the upload and execution of dangerous PHP files...
CVE-2023-53735
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks...
EUVD-2025-201270
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks...
CVE-2023-53735
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks...
CVE-2023-53735
CVE-2023-53735 relates to WEBIGniter 28.7.23, with a cross-site scripting (XSS) vulnerability in the user-creation process. The flaw allows unauthenticated attackers to inject and execute malicious JavaScript, as described across multiple sources in the connected documents. The provided materials...
CVE-2023-53735 WEBIGniter 28.7.23 Cross-Site Scripting (XSS) in User Creation Process
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks...
CVE-2023-53735 WEBIGniter 28.7.23 Cross-Site Scripting (XSS) in User Creation Process
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks...
WEBIGniter 跨站脚本漏洞
WEBIGniter is a content management system from WEBIGniter, Inc. A cross-site scripting vulnerability exists in WEBIGniter version 28.7.23, which stems from a cross-site scripting vulnerability in the user-created process that could lead to the execution of malicious JavaScript code...
PT-2025-49130
WEBIGniter 28.7.23 contains a cross-site scripting vulnerability in the user creation process that allows unauthenticated attackers to execute malicious JavaScript code, enabling potential XSS attacks...
WEBIGniter 28.7.23 Cross Site Scripting
Title: WEBIGniter v28.7.23 XSS Author: RedTeamer IT Security, Mesut Cetin Date: 09/04/2023 Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting/stored Description: During the user creation process, the 'yourname...
WEBIGniter v28.7.23 - Stored XSS Vulnerability
Title: WEBIGniter v28.7.23 XSS Author: RedTeamer IT Security, Mesut Cetin Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting/stored Description: During the user creation process, the 'yourname' parameter fails...
WEBIGniter v28.7.23 - Stored Cross Site Scripting Vulnerability
Exploit Title: WEBIGniter v28.7.23 Stored Cross Site Scripting XSS Exploit Author: Sagar Banwa Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/cross-site-scripting Tested on: Windows 10/Kali Linux CVE : CVE-2023-46391 Stored...
WEBIGniter v28.7.23 File Upload - Remote Code Execution Vulnerability
Title: WEBIGniter v28.7.23 File Upload - Remote Code Execution Author: nu11secur1ty Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/file-upload Description: The media function suffers from file upload vulnerability. The attacke...
Webigniter 28.7.23 Shell Upload Vulnerability
Title: WEBIGniter-28.7.23 File Upload - RCE Author: nu11secur1ty Vendor: https://webigniter.net/ Software: https://webigniter.net/demo Reference: https://portswigger.net/web-security/file-upload Description: The media function suffers from file upload vulnerability. The attacker can upload and he...