Lucene search
567 matches found

Prion
added 2021/12/29 3:15 p.m. · 8 views

Sql injection

Emuse - eServices / eNvoice SQL injection can be used in various ways ranging from bypassing login authentication or dumping the whole database to full RCE on the affected endpoints. The SQLi caused by CWE-209: Generation of Error Message Containing Sensitive Information, showing parts of the aspx...

10 CVSS · 9.8 AI score · 0.00192 EPSS
Exploits 0 · References 1

NVD
added 2021/10/11 7:15 p.m. · 8 views

CVE-2021-40189

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/Theme Folder, where an attacker can access and execute arbitrary code...

7.2 CVSS · 0.01953 EPSS
Exploits 1 · References 1

OSV
added 2021/10/11 7:15 p.m. · 1 views

CVE-2021-40189

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/Theme Folder, where an attacker can access and execute arbitrary code...

7.2 CVSS · 7.8 AI score
Exploits 0 · References 1

Prion
added 2021/10/11 7:15 p.m. · 9 views

Remote code execution

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/Theme Folder, where an attacker can access and execute arbitrary code...

6.5 CVSS · 7.5 AI score · 0.01953 EPSS
Exploits 1 · References 1 · Affected Software 1

CVE
added 2021/10/11 6:27 p.m. · 43 views

CVE-2021-40189

CVE-2021-40189 affects PHPFusion 9.03.110. The vulnerability arises in the theme upload mechanism: the theme function can extract files to webroot/themes/{Theme Folder}, enabling an attacker to access and execute arbitrary code on the server. Connected sources (NVD/CNVD/CNNVD) describe remote cod...

7.2 CVSS · 7.5 AI score · 0.01953 EPSS
Exploits 1 · References 1 · Affected Software 1

Cvelist
added 2021/10/11 6:27 p.m. · 10 views

CVE-2021-40189

PHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to "webroot/themes/Theme Folder, where an attacker can access and execute arbitrary code...

7.7 AI score · 0.01953 EPSS
Exploits 1 · References 1

Prion
added 2021/10/11 10:15 a.m. · 16 views

Remote code execution

CMSUno version 1.7.2 is affected by a PHP code execution vulnerability. sauvePass action in webroot/uno/central.php file calls to file_put_contents function to write username in password.php file when a user successfully changed their password. The attacker can inject malicious PHP code into...

7.5 CVSS · 9.7 AI score · 0.00396 EPSS
Exploits 1 · References 1 · Affected Software 1

Veracode
added 2021/09/30 5:52 a.m. · 28 views

Cross-site Scripting (XSS)

zoneminder:edge is vulnerable to cross-site scripting (XSS). As the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, it mishandles any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...

6.1 CVSS · 1.1 AI score · 0.0024 EPSS
Exploits 1 · References 2 · Affected Software 1

0day.today
added 2021/07/26 12:0 a.m. · 136 views

XOS Shop 1.0.9 - (Multiple) Arbitrary File Deletion (Authenticated) Vulnerability

Exploit Title: XOS Shop 1.0.9 - 'Multiple' Arbitrary File Deletion Authenticated Exploit Author: faisalfs10x https://github.com/faisalfs10x Vendor Homepage: https://xos-shop.com Software Link: https://github.com/XOS-Shop/xosshopsystem/releases/tag/v1.0.9 Version: 1.0.9 Tested on: Windows 10, XAMP...

0.2 AI score
Exploits 0

Snyk
added 2021/07/06 2:45 p.m. · 1 views

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview: baserproject/basercms is a content management system based on CakePHP. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction (Zip Slip). In the admin panel of basercms, an administrator with privileges to perform maintenance operations has access ...

9.1 CVSS · 7.7 AI score · 0.02799 EPSS
Exploits 0 · References 2

CNVD
added 2021/02/09 12:0 a.m. · 7 views

emlog path traversal vulnerability (CNVD-2021-39975)

emlog is a powerful blog and CMS builder based on PHP and MySQL. A path traversal vulnerability exists in t/index.php in emlog 5.3.1. An attacker can exploit this vulnerability to view the path to webroot/file...

5.3 CVSS · 6.7 AI score · 0.62081 EPSS
Exploits 1 · References 1

OSV
added 2021/02/08 3:15 p.m. · 13 views

CVE-2021-3293

emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file...

5.3 CVSS · 6.7 AI score
Exploits 0 · References 2

NVD
added 2021/02/08 3:15 p.m. · 6 views

CVE-2021-3293

emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file...

5.3 CVSS · 0.62081 EPSS
Exploits 1 · References 2

Prion
added 2021/02/08 3:15 p.m. · 25 views

Path traversal

emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file...

5 CVSS · 5.1 AI score · 0.62081 EPSS
Exploits 1 · References 2 · Affected Software 1

Cvelist
added 2021/02/08 2:17 p.m. · 12 views

CVE-2021-3293

emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file...

5.4 AI score · 0.62081 EPSS
Exploits 1 · References 2

Positive Technologies
added 2021/02/08 12:0 a.m. · 3 views

PT-2021-19977 · Emlog · Emlog

Name of the Vulnerable Software and Affected Versions: emlog version 5.3.1 Description: The issue allows an attacker to see the path to the webroot/file due to a full path disclosure vulnerability in t/index.php. Recommendations: For emlog version 5.3.1, update to a newer version that contains a...

5.3 CVSS · 5 AI score · 0.62081 EPSS
Exploits 1 · References 7

Veracode
added 2021/01/27 5:30 a.m. · 19 views

Directory Traversal

node-red-dashboard is vulnerable to directory traversal. Lack of validation in the URL allows an attacker to access system files outside of the webroot via a malicious URL such as /uibase/js/..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd...

7.5 CVSS · 5.7 AI score · 0.91547 EPSS
Exploits 1 · References 3 · Affected Software 1

CNVD
added 2020/11/16 12:0 a.m. · 1 views

FlexDotnetCMS Access Control Error Vulnerability

FlexDotnetCMS is a flexible, easy to use and full-featured ASP.NET content management system (CMS). An access control error vulnerability exists in FileEditor in FlexDotnetCMS versions prior to 1.5.11. A remote authenticated attacker can exploit this vulnerability to read or write existing files...

8.1 CVSS · 6.8 AI score · 0.00425 EPSS
Exploits 1 · References 1

OSV
added 2020/10/15 9:15 p.m. · 10 views

CVE-2019-17640

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly process back slashes on Windows Operating systems, allowing, escape the webroot folder to the...

9.8 CVSS · 6.8 AI score
Exploits 0 · References 6

Cvelist
added 2020/10/15 8:30 p.m. · 15 views

CVE-2019-17640

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly process back slashes on Windows Operating systems, allowing, escape the webroot folder to the...

9.6 AI score · 0.0169 EPSS
Exploits 0 · References 6