
13 matches found

OSV
added 2025/12/22 10:16 p.m. · 4 views

CVE-2025-67436

Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php)...

CVSS 6.5 · AI score 7
Exploits 2 · References 2

OSV
added 2025/12/22 10:16 p.m. · 1 view

UBUNTU-CVE-2025-67436

Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php)...

CVSS 6.5 · AI score 5.9 · EPSS 0.00179
Exploits 3 · References 4

CVE
added 2025/12/22 12:00 a.m. · 12 views

CVE-2025-67436

CVE-2025-67436 affects PluXml CMS 5.8.22. An authenticated administrator can inject a malicious PHP webshell into a theme file (e.g., home.php), enabling remote code execution. The exploit details in related PT-2025-52722 confirm the vulnerability arises from module/theme file handling allowing ar...

CVSS 6.5 · AI score 7 · EPSS 0.00179
Exploits 2 · References 2 · Affected Software 1

EUVD
added 2025/10/03 8:07 p.m. · 3 views

EUVD-2024-32280

Malicious code in bioql PyPI...

CVSS 8.8 · AI score 6.6 · EPSS 0.0121
Exploits 0 · References 2

OSV
added 2024/04/12 2:15 p.m. · 2 views

CVE-2024-3705

Unrestricted file upload vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to send a POST request to the endpoint '/opengnsys/images/MIcons.php' modifying the file extension, due to lack of file extension verification, resulting in a webshell...

CVSS 8.8 · AI score 5.8
Exploits 0 · References 2

Cvelist
added 2024/04/12 1:50 p.m. · 15 views

CVE-2024-3705 Unrestricted Upload of File with Dangerous Type vulnerability in OpenGnsys

Unrestricted file upload vulnerability in OpenGnsys affecting version 1.1.1d Espeto. This vulnerability allows an attacker to send a POST request to the endpoint '/opengnsys/images/MIcons.php' modifying the file extension, due to lack of file extension verification, resulting in a webshell...

CVSS 8.8 · AI score 9 · EPSS 0.0121
Exploits 0 · References 2

Positive Technologies
added 2024/04/12 12:00 a.m. · 4 views

PT-2024-27265 · Opengnsys · Opengnsys

Name of the Vulnerable Software and Affected Versions: OpenGnsys version 1.1.1d Espeto. Description: The issue allows an attacker to send a POST request to the endpoint '/opengnsys/images/MIcons.php' and modify the file extension due to a lack of file extension verification. This results in a...

CVSS 8.8 · AI score 7.3 · EPSS 0.0121
Exploits 0 · References 5

CNNVD
added 2024/04/12 12:00 a.m. · 1 view

OpenGnsys Code Issue Vulnerability

OpenGnsys is an open source computing device management software from the Spanish OpenGnsys project. A code issue vulnerability exists in OpenGnsys version 1.1.1d Espeto, which stems from an unlimited file upload vulnerability that allows an attacker to send a POST request to modify a file...

CVSS 8.8 · AI score 7.1 · EPSS 0.0121
Exploits 0 · References 2

Packet Storm
added 2020/07/14 12:00 a.m. · 239 views

Teachers Record Management System 1.0 SQL Injection

Exploit Title: Teachers Record Management System 1.0 - 'searchteacher' SQL Injection Date: 2020-07-14 Exploit Author: gh1mau Team Members: Capt'N,muzzo,chaos689 | https://h0fclanmalaysia.wordpress.com/ Vendor Homepage: https://phpgurukul.com/teachers-record-management-system-using-php-and-mysql/...

AI score 7.4
Exploits 0

seebug.org
added 2018/06/21 12:00 a.m. · 52 views

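phpMyAdmin 4.8.1 admin backend getshell

The latest version downloaded from the official site; the file name is phpMyAdmin-4.8.1-all-languages.zip. The problem is in /index.php. Look at lines 55-63: line 61 contains include $_REQUEST['target']; which is clearly a precursor to LFI, and we only need to bypass the restrictions on lines 55-59. Line 57 requires that the target parameter not start with index. Line 58 requires that the target parameter not appear in $target_blacklist. Find the definition of $target_blacklist: it is on line 50 of /index.php. As long as the target parameter is not import.php or export.php...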

AI score 7.4
Exploits 0

CNVD
added 2017/07/11 12:00 a.m. · 1 view

SQL Injection Vulnerability in PHPSHE B2C Mall System v1.5

PHPSHE mall system is a combination of product display, online shopping, order management, payment management, article management, customer consultation and feedback and other functions, and provides easy operation, practical features, quickly allow users to establish a personalized online store,...

AI score 8.1
Exploits 0

seebug.org
added 2009/07/17 12:00 a.m. · 31 views

Discuz! admin\styles.inc.php get-webshell bug

Code in the file admin\styles.inc.php: if$newcvar && $newcsubst if$db-resultfirst"SELECT COUNT FROM $tableprestylevars WHERE variable='$newcvar' AND styleid='$id'" cpmsg'styleseditvariableduplicate', '', 'error'; elseif!pregmatch"/a-zA-Z\x7f-\xffa-zA-Z0-9\x7f-\xff/", $newcvar cpmsg'styleseditvariableillegal...

AI score 7.1
Exploits 0

myhack58
added 2009/07/15 12:00 a.m. · 29 views

Discuz! 7.0 and below the version background get a webshell without founder-vulnerability warning-the black bar safety net

Author: oldjun I rarely care about such vulnerability, it has been rarely take the stand, and encounters a DZ more just passing through, also did not go too much care about the DZ's vulnerability or to study the code; shortly before the Forum is left a shell, I check half a day, but since met, it...

AI score 7.1
Exploits 0