22 matches found
PT-2026-27143
A weakness has been identified in kalcaddle kodbox 1.64. This affects the function checkBin of the file /workspace/source-code/plugins/fileThumb/app.php of the component fileThumb Endpoint. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit...
EUVD-2020-16516
Malware in sbrugna...
CVE-2023-6852
A vulnerability classified as critical has been found in kalcaddle KodExplorer up to 4.51.03. Affected is an unknown function of the file plugins/webodf/app.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...
CVE-2023-6852 kalcaddle KodExplorer app.php server-side request forgery
A vulnerability classified as critical has been found in kalcaddle KodExplorer up to 4.51.03. Affected is an unknown function of the file plugins/webodf/app.php. The manipulation leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to...
CVE-2023-6849 kalcaddle kodbox app.php cover server-side request forgery
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been rated as critical. Affected by this issue is the function cover of the file plugins/fileThumb/app.php. The manipulation of the argument path leads to server-side request forgery. The attack may be launched remotely. The exploit...
OS Command Injection
topthink/think is vulnerable to OS command injection. An attacker is able to inject malicious PHP code via /library/think/App.php...
Cross-Site Request Forgery (CSRF) in zhongshaofa/easyadmin
✍️ Description An attacker is able to delete any rule via a CSRF attack. It does not matter whether your application runs on localhost or elsewhere; it is enough that it runs in a browser and that another low-privilege user or an attacker knows the IP address or hostname of your application. In CSRF attacks it...
CVE-2020-36005
AppCMS 2.0.101 in /admin/app.php contains an arbitrary file deletion vulnerability. The CVE-2020-36005 entry indicates an ability for an attacker to delete arbitrary files on the site. Connected documents confirm the same flaw across CNVD/CNNVD listings, but do not provide concrete exploit detail...
CVE-2020-36005
AppCMS 2.0.101 in /admin/app.php has an arbitrary file deletion vulnerability which allows attackers to delete arbitrary files on the site...
CVE-2020-23776
An SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the request...
CVE-2020-23776
CVE-2020-23776 is an SSRF vulnerability affecting Winmail 6.5 in app.php (parameter key) when HTTPS is enabled. The issue allows an attacker to induce the server to make HTTP requests to a target URL by manipulating the HOST header in requests. Documented in multiple feeds (NVD/Red Hat/CVE lists)...
CVE-2018-20062
An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string...
Design/Logic Flaw
An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string...
CVE-2018-20062
CVE-2018-20062 affects ThinkPHP/NoneCMS with remote code execution via crafted filter parameter in s=index/\think\Request/input&filter=phpinfo&data=1. Public sources in connected docs identify vulnerable versions as ThinkPHP <= 5.0.23 (and 5.1.x
CVE-2018-20062
An issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\think\Request/input&filter=phpinfo&data=1 query string. Recent assessments: Assessed Attacker Valu...
cmi-sales.com XSS vulnerability
Vulnerable URL: http://www.cmi-sales.com/en/app.php?id=%27%22%3E%3E%3C/title%3E%27%22%3ESCRIPT%3E%22%3E%27%3E%3CSCRIPT%3Ealert%28/XSSPOSED/%29%3C/SCRIPT%3Eid=25id=16 Details: Patched: No; Latest check for patch: 25.07.2017; Vulnerability type: XSS; Vulnerability status: ...
PHPEMS has horizontal privilege (broken access control) issues in multiple places
Brief description: PHPEMS has horizontal privilege issues in multiple places. Detailed description: 7. Multiple logic flaws lead to horizontal privilege problems. PHPEMS has horizontal privilege issues in several places; to eliminate this problem every database operation must be scoped to the session user, but the PHPEMS developers did not do so, resulting in horizontal privilege issues in multiple places. I reviewed the code in /app/exam/app.php and list the specific problems below: 1. Around line 2108 // delete a wrong-answer record // horizontal privilege vulnerability case 'delrecord': $recordid = $this->ev->get('questionid'); $this->favor->delRecord($recordid);...
A design mistake in phpems leads to 3 SQL injection vulnerabilities
Brief description: A design mistake in phpems leads to 3 SQL injection vulnerabilities. Detailed description: 4. Three more SQL injection vulnerabilities in PHPems. The vulnerable code is in the lesson function of /app/exam/app.php: public function lesson() { $action = $this->ev->url(3); $page = $this->ev->get('page'); switch ($action) { case 'ajax': switch ($this->ev->url(4)) { case 'questions': $number = $this->ev->get('number'); if (!$number) $number = 1; $quest...