107 matches found
CVE-2022-2381
The E Unlocked - Student Result WordPress plugin through 1.0.4 is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP via a CSRF attack...
CVE-2022-2268
The Import any XML or CSV File to WordPress plugin before 3.6.8 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE...
CVE-2022-2268
The Import any XML or CSV File to WordPress plugin before 3.6.8 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE...
CVE-2022-1009
The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a Reflected Cross-Site Scripting. For the attack to be successful, an attacker would need an admin ...
CVE-2022-1009
The Smush WordPress plugin before 3.9.9 does not sanitise and escape a configuration parameter before outputting it back in an admin page when uploading a malicious preset configuration, leading to a Reflected Cross-Site Scripting. For the attack to be successful, an attacker would need an admin ...
CVE-2021-25119
The AGIL WordPress plugin through 1.0 accepts all zip files and automatically extracts the zip file without validating the extracted file type. Allowing high privilege users such as admin to upload an arbitrary file like PHP, leading to RCE...
Rara One Click Demo Import < 1.3.0 - Arbitrary File Upload via CSRF
The plugin does not have CSRF check when uploading files, which could allow attackers to make a logged in admin upload arbitrary files via a CSRF attack...
newbee-mall 代码问题漏洞
newbee-mall is an e-commerce system. newbee-mall v1.0.0 has a security vulnerability that can be exploited by attackers to upload arbitrary files via the upload function of /admin/goods/edit...
CVE-2022-0499
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones...
Microweber remote code execution vulnerability
Microweber is an online store management system from the Microweber community in the United States that provides drag-and-drop functionality. The system includes modules for adding products, images, etc. A remote code execution vulnerability exists in versions of microweber prior to 1.2.12, which...
CVE-2022-24652
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
Privilege escalation
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
Tensent SentCMS 代码问题漏洞
Tensent SentCMS is a simple and easy-to-use website management system from Tensent, China. A security vulnerability exists in Tensent SentCMS version 4.0.x. The vulnerability stems from a lack of validation of uploaded files in the file upload interface of the /admin/upload/upload php code in the...
CVE-2020-23572
BEESCMS v4.0 was discovered to contain an arbitrary file upload vulnerability via the component /admin/upload.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file...
BEESCMS 代码问题漏洞
BEESCMS is a template program completely separated, using PHP MYSQL technology development, with powerful SEO features, simple operation of the self-service building system. BEESCMS version 4.0 /admin/upload.php in the arbitrary file upload vulnerability. The vulnerability can be exploited by...
KiteCMS 代码问题漏洞
KiteCMS is a content management system based on think php. An arbitrary file upload vulnerability exists in /admin/upload/uploadfile in KiteCMS version 1.1. An attacker can exploit the vulnerability getshell via a specially crafted PHP file...
CVE-2020-18886
Unrestricted File Upload in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the component 'admin/uploadfiledo.php'...
Remote code execution
Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess...
GetSimpleCMS 跨站脚本漏洞
GetSimple CMS is an XML-based, completely self-contained, streamlined content management system. A cross-site scripting vulnerability exists in admin/upload.php in GetSimple CMS version 3.3.16. The vulnerability can be exploited to conduct cross-site scripting attacks by adding comments to the...
WordPress 代码问题漏洞
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in the WordPress plugin Event Banner version 1.3 and prior versions...