309 matches found

CNNVD
added 2024/09/30 12:0 a.m. · 3 views

emlog security vulnerability

emlog is a PHP and MySQL based CMS website builder for emlog individual developers. A security vulnerability exists in emlog versions prior to v2.3.15, which stems from the presence of a Remote Code Execution (RCE) vulnerability that allows an attacker to gain system privileges by uploading a...

CVSS 6.3 · AI score 7.3 · EPSS 0.00733
Exploits: 1 · References: 4
Positive Technologies
added 2024/09/30 12:0 a.m. · 2 views

PT-2024-32027 · Emlog Pro · Emlog Pro

Name of the Vulnerable Software and Affected Versions: Emlog Pro versions prior to 2.3.15
Description: A remote code execution issue in the /admin/store.php component of Emlog Pro allows attackers to use remote file downloads and self-extract functions to upload webshells to the target server,...

CVSS 6.3 · AI score 7.8 · EPSS 0.00733
Exploits: 1 · References: 9
Positive Technologies
added 2023/08/11 12:0 a.m. · 5 views

PT-2023-11806 · Unknown · Bloofoxcms

Name of the Vulnerable Software and Affected Versions: bloofoxCMS version 0.5.2.1
Description: The issue allows remote attackers to execute arbitrary code and escalate privileges via a crafted webshell file to the upload module. This can be achieved by uploading a specifically designed file to th...

CVSS 9.8 · AI score 9.7 · EPSS 0.0094
Exploits: 1 · References: 6
OSV
added 2023/06/02 11:15 a.m. · 4 views

CVE-2023-28699

Wade Graphic Design FANTSY has a vulnerability of insufficient filtering for file type in its file update function. An authenticated remote attacker with general user privilege can exploit this vulnerability to upload a PHP file containing a webshell to perform arbitrary system operation or disru...

CVSS 8.8 · AI score 7.4 · EPSS 0.00863
Exploits: 0 · References: 1
Positive Technologies
added 2023/06/02 12:0 a.m. · 2 views

PT-2023-21914 · Unknown · Wade Graphic Design Fantsy

Name of the Vulnerable Software and Affected Versions: Wade Graphic Design FANTSY affected versions not specified
Description: The issue is related to insufficient filtering for file type in the file update function. An authenticated remote attacker with general user privilege can exploit this to...

CVSS 8.8 · AI score 8.5 · EPSS 0.00863
Exploits: 0 · References: 3
Vulnrichment
added 2023/05/08 5:59 p.m. · 11 views

CVE-2023-30855 Pimcore Path Traversal Vulnerability in AdminBundle/Controller/Reports/CustomReportController.php

Pimcore is an open source data and experience management platform. Versions of Pimcore prior to 10.5.18 are vulnerable to path traversal. The impact of this path traversal and arbitrary extension is limited to creation of arbitrary files and appending data to existing files. When combined with th...

CVSS 6.5 · AI score 8 · EPSS 0.00795
Exploits: 0 · References: 3
Positive Technologies
added 2023/03/31 12:0 a.m. · 5 views

PT-2023-15230 · Generex · Generex Ups Cs141

Name of the Vulnerable Software and Affected Versions: Generex UPS CS141 versions prior to 2.06
Description: The issue allows a remote attacker to upload a firmware file containing a webshell, which could enable the execution of arbitrary code as root.
Recommendations: For versions prior to 2.06,...

CVSS 10 · AI score 9.6 · EPSS 0.0157
Exploits: 0 · References: 7
CNNVD
added 2023/03/31 12:0 a.m. · 19 views

Generex UPS CS141 code issue vulnerability

The Generex UPS CS141 is a microcomputer from the German company Generex. A security vulnerability exists in the Generex UPS CS141 prior to version 2.06, which stems from a vulnerability that allows an attacker to upload a firmware file containing a webshell...

CVSS 10 · AI score 8.4 · EPSS 0.0157
Exploits: 0 · References: 4
SUSE CVE
added 2023/02/15 4:47 a.m. · 4 views

SUSE CVE-2017-7432

Novell iManager 2.7.x before 2.7 SP7 Patch 10 HF1 and NetIQ iManager 3.x before 3.0.3.1 have a webshell upload vulnerability...

CVSS 9.8 · AI score 7.1 · EPSS 0.01525
Exploits: 0 · References: 5
NVD
added 2022/12/16 4:15 p.m. · 23 views

CVE-2022-46135

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost, through which we can upload webshell and control the web server...

CVSS 7.2 · EPSS 0.0118
Exploits: 1 · References: 1
Vulnrichment
added 2022/12/16 12:0 a.m. · 8 views

CVE-2022-46135

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=editpost, through which we can upload webshell and control the web server...

AI score 7.2 · EPSS 0.0118
Exploits: 1 · References: 1
CNNVD
added 2022/10/31 12:0 a.m. · 2 views

Clinic’s Patient Management System code issue vulnerability

Clinic's Patient Management System is a patient management system for Carlo Montero's clinic. A security vulnerability exists in Clinic's Patient Management System v1.0 that could allow an attacker to upload an arbitrary PHP webshell via the profile picture upload function in users.php...

CVSS 9.8 · AI score 8.4 · EPSS 0.19373
Exploits: 6 · References: 4
CNNVD
added 2022/09/13 12:0 a.m. · 2 views

AeroCMS code issue vulnerability

AeroCMS is a content management system from AeroCMS Inc. in the United States. A security vulnerability exists in AeroCMS version v0.0.1. An attacker exploited the vulnerability to upload a webshell and take control of the web server...

CVSS 8.8 · AI score 8 · EPSS 0.00947
Exploits: 1 · References: 2
Packet Storm
added 2022/06/27 12:0 a.m. · 248 views

Library Management System With QR Code 1.0 Shell Upload

Title: Library Management System with QR code Attendance File Upload RCE
Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184
Date: 27.06.2022
Vendor: https://www.sourcecodester.com/users/kingbhob02
Software:...

AI score 7.4
Exploits: 0
0day.today
added 2022/06/27 12:0 a.m. · 355 views

Library Management System With QR Code 1.0 Shell Upload Vulnerability

Title: Library Management System with QR code Attendance File Upload RCE
Author: Ashish Kumar https://www.linkedin.com/in/ashish-kumar-0b65a3184
Vendor: https://www.sourcecodester.com/users/kingbhob02
Software:...

AI score 0.2
Exploits: 0
OSV
added 2022/06/13 11:15 p.m. · 3 views

CVE-2021-41661

Church Management System version 1.0 is affected by a SQL injection vulnerability through creating a user with a PHP file as an avatar image, which is accessible through the /uploads directory. This can lead to RCE on the web server by uploading a PHP webshell...

CVSS 9.8 · AI score 5.9 · EPSS 0.01186
Exploits: 1 · References: 1
GithubExploit
added 2022/04/26 5:28 a.m. · 204 views

Exploit for Path Traversal in Wso2 Api_Manager

cve-2022-29464 Disclaimer The script is for learning purpos...

CVSS 10 · AI score 7.5 · EPSS 0.99999
Exploits: 22
ATTACKERKB
added 2022/04/04 2:15 p.m. · 2 views

CVE-2022-28062

Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code...

CVSS 8.8 · AI score 7.4 · EPSS 0.01706
Exploits: 1 · References: 3
OSV
added 2022/04/04 2:15 p.m. · 3 views

CVE-2022-28062

Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code...

CVSS 8.8 · AI score 6 · EPSS 0.01706
Exploits: 1 · References: 2
CNNVD
added 2022/04/04 12:0 a.m. · 2 views

Car Rental System code issue vulnerability

Car Rental System is a car rental system by AMEY THAKUR, an individual developer in India. A security vulnerability exists in Car Rental System v1.0, which stems from a missing file upload restriction in the Add Car component. An attacker can use this vulnerability to upload a webshell and execut...

CVSS 8.8 · AI score 8.3 · EPSS 0.01706
Exploits: 1 · References: 3