3 matches found
CVE-2020-6859
Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the Ultimate Member plugin through 2.1.2 for WordPress allow remote attackers to change other users' profiles and cover photos via a modified userid parameter. This is related to ajaximageupload and...
iScripts EasyCreate Remote Code Execution Vulnerability
iScripts EasyCreate is an online website builder that can be used on a server to provide website building services to clients and is fully customizable. A remote code execution vulnerability exists in iScripts EasyCreate. The 'userImages' POST parameter of the '/ajaximageupload.php' script fails ...
iScripts EasyCreate 3.0 - Remote Code Execution
!C:/Python27/python.exe -u iScripts EasyCreate 3.0 Remote Code Execution Exploit Vendor: iScripts.com Product web page: http://www.iscripts.com Affected version: 3.0 Summary: iScripts EasyCreate is a private label online website builder. This software allows you to start an online business by...