23 matches found
Exploit for Unrestricted Upload of File with Dangerous Type in Pluck-Cms Pluck
CVE-2020-29607 — Pluck CMS Authenticated remote code executio...
CVE-2018-18823
WolfCMS 0.8.3.1 allows XSS via an SVG file to /?/admin/plugin/filemanager/browse/...
EUVD-2009-5126
Malware in sbrugna...
EUVD-2018-8219
Malware in sbrugna...
EUVD-2020-3935
Malware in sbrugna...
EUVD-2018-10539
Malware in sbrugna...
CVE-2009-20006
The CVE-2009-20006 issue affects osCommerce
PT-2025-38002
Name of the Vulnerable Software and Affected Versions: osCommerce versions up to and including 2.2 RC2a Description: osCommerce versions up to and including 2.2 RC2a contain a flaw in the administrative file manager utility admin/file manager.php. The interface lacks sufficient input validation a...
CVE-2020-11585
There is an information disclosure issue in DNN formerly DotNetNuke 9.5 within the built-in Activity-Feed/Messaging/Userid/ Message Center module. A registered user is able to enumerate any file in the Admin File Manager other than ones contained in a secure folder by sending themselves a message...
CVE-2022-28997
CSZCMS v1.3.0 allows attackers to execute a Server-Side Request Forgery SSRF which can be leveraged to leak sensitive data via a local file inclusion at /admin/filemanager/connector/...
CVE-2021-44673
A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script...
Remote code execution
A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script...
CVE-2021-44673
A Remote Code Execution RCE vulnerability exists in Croogo 3.0.2via admin/file-manager/attachments, which lets a malicoius user upload a web shell script...
Croogo 代码问题漏洞
Croogo is a content management system CMS based on the CakePHP framework development . The system provides content type can be customized as Blog, Node, Page, content editing using WYSIWYG editor and other features. A security vulnerability exists in Croogo 3.0.2, which can be exploited to allow...
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...
HorizontCMS 安全漏洞
HorizontCMS is a customer relationship management web platform for individual developers. A security vulnerability exists in HorizontCMS, which was discovered to contain an arbitrary file download vulnerability via the /admin/file-manager/ component...
DNN Information Disclosure Vulnerability
DNN also known as DotNetNuke is a set of U.S. DNN by Microsoft support , based on the ASP.NET platform for open source content management system CMS. The system is easy to install , scalable , feature-rich and so on. DNN formerly DotNetNuke 9.5 version of the embedded...
Information disclosure
There is an information disclosure issue in DNN formerly DotNetNuke 9.5 within the built-in Activity-Feed/Messaging/Userid/ Message Center module. A registered user is able to enumerate any file in the Admin File Manager other than ones contained in a secure folder by sending themselves a message...
CVE-2019-7173
A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4...