EUVD-2023-33392

Malicious code in bioql PyPI...

CVE-2023-29855

WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php...

CVE-2023-29855

WBCE CMS 1.5.3 has a command execution vulnerability via admin/languages/install.php...

CVE-2023-29855

WBCE CMS 1.5.3 is affected by a command execution vulnerability in the admin/languages/install.php endpoint. The issue arises from a poorly filtered parameter in the Language Install module, enabling potential arbitrary command execution. Relevant advisories reference this exact vector across mul...

CVE-2022-45867

MyBB before 1.8.33 allows Directory Traversal. The Admin CP Languages module allows remote authenticated users, with high privileges, to achieve local file inclusion and execution...

Chadha PHPKB Cross-Site Scripting Vulnerability (CNVD-2020-17940)

Chadha Software Technologies PHPKB Standard Multi-Language is a web-based, multi-language knowledge base management system from Chadha Software Technologies, India. A reflected cross-site scripting vulnerability exists in admin/my-languages.php in Chadha PHPKB Standard Multi-Language version 9. T...

Piwigo Remote File Inclusion Vulnerability

Piwigo is a photo album script written in PHP. A security vulnerability exists in the admin/languages.php implementation in versions prior to Piwigo 2.8.3, where a remote administrator user passes the tab parameter and the executable file contains an attack...

PT-2009-2347 · Zen Cart · Zen Cart

Name of the Vulnerable Software and Affected Versions: Zen Cart versions 1.3.8a, 1.3.8, and earlier Description: A directory traversal issue exists in the admin/includes/languages/english.php file, allowing remote attackers to include and execute arbitrary local files via a .. dot dot in the...