1622 matches found

CVE
added 2018/04/02 3:00 a.m., 48 views

CVE-2018-9174

DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the refiles array parameter to sys_verifies.php, because the contents of modifytmp.inc are under the attacker's control. This results in arbitrary code executio...

CVSS 9.8, AI score 9.6, EPSS 0.01105
Exploits: 0, References: 1, Affected software: 1
CNVD
added 2018/04/02 12:00 a.m., 1 view

Z-BlogPHP Cross-Site Request Forgery Vulnerability

Z-BlogPHP is a powerful blogging program. A cross-site request forgery vulnerability exists in plugin_edit.php in Z-BlogPHP 1.5.1 Zero. An attacker can exploit this vulnerability to execute arbitrary PHP code...

CVSS 8.8, AI score 7.4, EPSS 0.00134
Exploits: 0, References: 1
Prion
added 2018/03/31 10:29 p.m., 12 views

Cross site request forgery (csrf)

Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ability to execute arbitrary PHP code...

CVSS 6.8, AI score 7.4, EPSS 0.00134
Exploits: 0, References: 1, Affected software: 1
NVD
added 2018/03/31 10:29 p.m., 7 views

CVE-2018-8893

Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ability to execute arbitrary PHP code...

CVSS 8.8, AI score 7.5, EPSS 0.00134
Exploits: 0, References: 1
CVE
added 2018/03/31 10:00 p.m., 46 views

CVE-2018-8893

Z-BlogPHP 1.5.1 Zero contains a CSRF flaw in plugin_edit.php that can lead to remote arbitrary PHP code execution: a forged request to the plugin editor is processed as the authenticated user's own (CVE-2018-8893). The connected documen...

CVSS 8.8, AI score 7.5, EPSS 0.00134
Exploits: 0, References: 1, Affected software: 1
Prion
added 2018/03/28 2:29 a.m., 9 views

Code injection

modules/bamegamenu/ajaxphpcode.php in the Responsive Mega Menu Horizontal+Vertical+Dropdown Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute arbitrary PHP code via the code parameter...

CVSS 7.5, AI score 9.7, EPSS 0.90063
Exploits: 1, References: 1, Affected software: 2
Prion
added 2018/03/24 10:29 p.m., 9 views

Cross site request forgery (csrf)

Creditwest Bank CMS Project aka CWCMS through 2017-07-28 has CSRF in the functionality for updating the site configuration, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a PHP shell that calls eval on request parameters...

CVSS 6.8, AI score 8.7, EPSS 0.00204
Exploits: 1, References: 1, Affected software: 1
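The Z-BlogPHP and CWCMS entries above describe the same shape of flaw: an authenticated administrative form whose POST handler accepts a request from any origin, so a page the logged-in admin happens to visit can submit it for them and land attacker-chosen PHP in a file the application later includes. The following is an added example of the synchronizer-token check that closes that class of bug. It is not code from either project; the session layout, the handler name save_plugin_code and the sample requests are constructed for the demonstration.

```php
<?php
// Added example: synchronizer-token CSRF protection for a state-changing admin
// handler. Not code from Z-BlogPHP or CWCMS; the session layout, the handler
// name save_plugin_code and the sample requests are constructed for this demo.

declare(strict_types=1);

// Issue (or reuse) a per-session token. The session is passed by reference so
// the same code runs against $_SESSION in a web context and a plain array here.
function csrf_token(array &$session): string
{
    if (!isset($session['csrf_token']) || !is_string($session['csrf_token'])) {
        $session['csrf_token'] = bin2hex(random_bytes(32)); // 256 bits from the CSPRNG
    }
    return $session['csrf_token'];
}

// Hidden field to render into every form that changes state.
function csrf_field(array &$session): string
{
    $token = htmlspecialchars(csrf_token($session), ENT_QUOTES, 'UTF-8');
    return '<input type="hidden" name="csrf_token" value="' . $token . '">';
}

// Verify a submission. hash_equals() compares in constant time, so the check
// does not leak how many leading bytes of the token were guessed correctly.
function csrf_valid(array $session, array $post): bool
{
    $expected = $session['csrf_token'] ?? null;
    $given    = $post['csrf_token'] ?? null;
    if (!is_string($expected) || $expected === '' || !is_string($given)) {
        return false;
    }
    return hash_equals($expected, $given);
}

// Vulnerable shape, as the entries describe it: an authenticated POST is
// trusted on its own, so any page the logged-in admin visits can submit it.
function save_plugin_code_vulnerable(array $post, callable $write): bool
{
    if (!isset($post['code']) || !is_string($post['code'])) {
        return false;
    }
    $write($post['code']);   // attacker-chosen PHP lands in a plugin file
    return true;
}

// Hardened shape: same handler, but the request must carry the session token.
function save_plugin_code(array $session, array $post, callable $write): bool
{
    if (!csrf_valid($session, $post)) {
        return false;        // a real handler answers 403 here
    }
    if (!isset($post['code']) || !is_string($post['code'])) {
        return false;
    }
    $write($post['code']);
    return true;
}

// --- demonstration with a constructed session and two constructed requests ---
$session = [];
$written = [];
$write   = static function (string $code) use (&$written): void { $written[] = $code; };

// 1. Cross-site request: the attacker's page cannot read the victim's token,
//    so it is missing or guessed. The session has not issued one yet either.
$forged = ['code' => '<?php system($_GET["c"]); ?>', 'csrf_token' => str_repeat('a', 64)];
printf("forged request, hardened handler:   %s\n",
    save_plugin_code($session, $forged, $write) ? 'accepted' : 'rejected');
printf("forged request, vulnerable handler: %s\n",
    save_plugin_code_vulnerable($forged, $write) ? 'accepted' : 'rejected');

// 2. Legitimate request: the form rendered csrf_field(), the browser sends it back.
echo csrf_field($session), "\n";
$legit = ['code' => '<?php echo "hello"; ?>', 'csrf_token' => csrf_token($session)];
printf("legitimate request, hardened handler: %s\n",
    save_plugin_code($session, $legit, $write) ? 'accepted' : 'rejected');
printf("plugin files written: %d\n", count($written));
```

In a web context call session_start() and pass $_SESSION to these functions, and rotate the token on login. Setting the session cookie with SameSite=Lax or Strict and checking the Origin header are worthwhile additional layers, but neither replaces the token: the token is what ties a specific form submission to the session that rendered it.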
0day.today
added 2018/02/26 12:00 a.m., 29 views

CMS Made Simple 2.1.6 Remote Code Execution Vulnerability

Exploit for php platform in category web applications
Exploit Title: CMS Made Simple 2.1.6 - Remote Code Execution
Date: 2018-02-26
Exploit Author: Keerati T.
Vendor Homepage: http://www.cmsmadesimple.org/
Software Link: http://s3.amazonaws.com/cmsms/downloads/13570/cmsms-2.1.6-install.zip
Versio...

EPSS 0.42075
Exploits: 5
Prion
added 2018/01/29 6:29 p.m., 25 views

Design/Logic Flaw

Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php and similar file extensions but not the .pht or .phar extension, which allows remote authenticated Admins or Editors to execute arbitrary PHP code by uploading a file, a different vulnerability than CVE-2017-180...

CVSS 6.5, AI score 8.8, EPSS 0.77014
Exploits: 8, References: 3, Affected software: 1
Prion
added 2018/01/23 7:29 p.m., 9 views

Code injection

install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) databaseserver, (2)...

CVSS 10, AI score 9.7, EPSS 0.02343
Exploits: 1, References: 1, Affected software: 2
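The Minecraft Servers List entry above describes an installer that interpolates request parameters straight into PHP source and writes the result to connect.php, so a value that closes the quote becomes code the next time the file is included. The following is an added example, not the project's code: a constructed writer in that shape beside one that validates the fields with a known format and emits every value through var_export(), plus a token-level check that shows why the second form cannot be turned into code. Only databaseserver is a parameter name taken from the entry; databasename, databaseuser and databasepass are assumed.

```php
<?php
// Added example, not code from Minecraft Servers List. 'databaseserver' is the
// parameter the entry names; 'databasename', 'databaseuser' and 'databasepass'
// are assumed names for the demonstration.

declare(strict_types=1);

// Vulnerable shape: request values are pasted into PHP source. A value such as
// '; system($_GET['c']); // closes the string literal and the rest is code.
function render_connect_vulnerable(array $in): string
{
    return "<?php\n"
         . "\$db_server = '{$in['databaseserver']}';\n"
         . "\$db_name   = '{$in['databasename']}';\n"
         . "\$db_user   = '{$in['databaseuser']}';\n"
         . "\$db_pass   = '{$in['databasepass']}';\n";
}

// Hardened shape: validate what has a known format, then let var_export()
// produce a correctly quoted PHP literal for everything. var_export() escapes
// both ' and \, so no input can terminate the string it is placed in.
function render_connect_safe(array $in): string
{
    $fields = ['databaseserver', 'databasename', 'databaseuser', 'databasepass'];
    $config = [];
    foreach ($fields as $f) {
        if (!isset($in[$f]) || !is_string($in[$f])) {
            throw new InvalidArgumentException("missing or non-string field: $f");
        }
        $config[$f] = $in[$f];
    }
    // Hostnames and IPs have a small alphabet; anything else is not a host.
    if (!preg_match('/^[A-Za-z0-9.\-]+(:[0-9]{1,5})?$/', $config['databaseserver'])) {
        throw new InvalidArgumentException('invalid databaseserver');
    }
    if (!preg_match('/^[A-Za-z0-9_]+$/', $config['databasename'])) {
        throw new InvalidArgumentException('invalid databasename');
    }
    return "<?php\nreturn " . var_export($config, true) . ";\n";
}

// Token-level check: in a safe config file every user-supplied value is one
// T_CONSTANT_ENCAPSED_STRING token. If the tokenizer sees a bare identifier
// (T_STRING, e.g. a function name such as system) the input has become code.
function contains_bare_identifier(string $phpSource): bool
{
    foreach (token_get_all($phpSource) as $tok) {
        if (is_array($tok) && $tok[0] === T_STRING) {
            return true;
        }
    }
    return false;
}

// --- demonstration with constructed install-form input ---
$payload = "'; system(\$_GET['c']); //";   // attacker-controlled value
$input = [
    'databaseserver' => 'localhost',
    'databasename'   => 'mcservers',
    'databaseuser'   => 'app',
    'databasepass'   => $payload,
];

$vuln = render_connect_vulnerable($input);
echo $vuln;
printf("vulnerable file contains a bare identifier (code injected): %s\n",
    contains_bare_identifier($vuln) ? 'yes' : 'no');

$safe = render_connect_safe($input);
echo $safe;
printf("safe file contains a bare identifier: %s\n",
    contains_bare_identifier($safe) ? 'yes' : 'no');

// The same payload in the host field is refused before anything is written.
try {
    render_connect_safe(['databaseserver' => $payload] + $input);
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}
```

The token scan doubles as a regression test for any installer that generates PHP: the output should tokenize to the same shape whatever values are supplied. The host and database-name patterns are deliberately tight; widen them only with a reason, and keep the password path on var_export() since passwords legitimately contain quotes and backslashes.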
0day.today
added 2018/01/20 12:00 a.m., 42 views

Mambo < 4.5.4 - SQL Injection Vulnerability

Exploit for php platform in category web applications
Mambo SQL Injection
Vendor: Miro International Pty Ltd
Product: Mambo
Version: <= 4.5.4
Website: http://www.mamboserver.com/
BID: 20366
OSVDB: 50002
Description: Mambo is a popular Open Source Content Management System released under the GNU...

Exploits: 0
NVD
added 2018/01/01 8:29 p.m., 8 views

CVE-2018-3814

Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets-Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension...

CVSS 8.8, AI score 9, EPSS 0.00698
Exploits: 1, References: 1
Prion
added 2018/01/01 8:29 p.m., 11 views

Code injection

Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets-Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension...

CVSS 6.5, AI score 9, EPSS 0.00698
Exploits: 1, References: 1, Affected software: 1
OSV
added 2018/01/01 8:29 p.m., 9 views

CVE-2018-3814

Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets-Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension...

CVSS 8.8, AI score 9.2
Exploits: 0, References: 1
0day.today
added 2017/12/19 12:00 a.m., 28 views

Tuleap 9.6 Second-Order PHP Object Injection Exploit

This Metasploit module exploits a Second-Order PHP Object Injection vulnerability in Tuleap <= 9.6 which could be abused by authenticated users to...

CVSS 6.5, AI score 9.2, EPSS 0.73892
Exploits: 6
NVD
added 2017/12/12 6:29 p.m., 10 views

CVE-2017-17561

SeaCMS 6.56 allows remote authenticated administrators to execute arbitrary PHP code via a crafted token field to admin/admin_ping.php, which interacts with data/admin/ping.php...

CVSS 7.2, AI score 7.1, EPSS 0.00643
Exploits: 4, References: 2
Prion
added 2017/12/12 6:29 p.m., 9 views

Code injection

SeaCMS 6.56 allows remote authenticated administrators to execute arbitrary PHP code via a crafted token field to admin/admin_ping.php, which interacts with data/admin/ping.php...

CVSS 6.5, AI score 7.1, EPSS 0.00643
Exploits: 4, References: 2, Affected software: 1
CVE
added 2017/12/12 6:00 p.m., 47 views

CVE-2017-17561

SeaCMS 6.56 allows remote authenticated administrators to execute arbitrary PHP code via a crafted token field sent to admin/admin_ping.php, which interacts with data/admin/ping.php. This vulnerability is documented across ...

CVSS 7.2, AI score 7.1, EPSS 0.00643
Exploits: 4, References: 2, Affected software: 1
Prion
added 2017/11/25 5:29 a.m., 14 views

Design/Logic Flaw

DISPUTED October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file...

CVSS 6.5, AI score 8.7, EPSS 0.00508
Exploits: 0, References: 1, Affected software: 1
NVD
added 2017/11/25 5:29 a.m., 12 views

CVE-2017-16941

October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file and a...

CVSS 8.8, AI score 8.8, EPSS 0.00508
Exploits: 0, References: 1
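The Monstra CMS, Craft CMS and October CMS entries above are three variants of one mistake in file handling: deciding what may be executed by what a forbidden-types list happens to name (so .pht and .phar slip through), checking the name on upload but not on the later replace/rename that turns a .jpg into a .php, or checking file types but not an .htaccess inside an imported theme archive. The following is an added example, not code from any of those projects: a blacklist in the shape the Monstra entry describes beside an allowlist applied at every write point, including replacement and archive entry names. The lists and sample filenames are constructed for the demonstration.

```php
<?php
// Added example, not code from Monstra, Craft CMS or October CMS. The type
// lists and filenames below are constructed for the demonstration.

declare(strict_types=1);

// The shape the Monstra entry describes: execution is decided by what the
// list forgets. This list is a constructed illustration, not Monstra's own.
const FORBIDDEN_TYPES = ['php', 'php3', 'php4', 'php5', 'phtml'];

function blacklist_allows(string $filename): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, FORBIDDEN_TYPES, true);
}

// Allowlist: a name is acceptable only if every dot-separated suffix is a
// known, non-executable type. Dotfiles (.htaccess, .user.ini) and names
// without an extension are refused outright.
function allowlist_allows(string $filename, array $allowed): bool
{
    $base = basename(str_replace('\\', '/', $filename));
    if ($base === '' || $base[0] === '.') {
        return false;
    }
    $parts = explode('.', $base);
    if (count($parts) < 2) {
        return false;
    }
    foreach (array_slice($parts, 1) as $suffix) {   // a.php.jpg fails on "php"
        if (!in_array(strtolower($suffix), $allowed, true)) {
            return false;
        }
    }
    return true;
}

// The Craft entry: the check must also run on the replace/rename path, and a
// replacement must keep the type of the file it replaces, so an already
// validated photo.jpg cannot become photo.php.
function replace_allowed(string $existing, string $replacement, array $allowed): bool
{
    if (!allowlist_allows($replacement, $allowed)) {
        return false;
    }
    $oldExt = strtolower(pathinfo($existing, PATHINFO_EXTENSION));
    $newExt = strtolower(pathinfo($replacement, PATHINFO_EXTENSION));
    return $oldExt === $newExt;
}

// The October entry: validate every member of an imported archive before
// extracting anything. $entries stands for the names ZipArchive::getNameIndex()
// would return. Returns the entries that would be refused.
function rejected_archive_entries(array $entries, array $allowed): array
{
    $rejected = [];
    foreach ($entries as $name) {
        if ($name === '') {
            $rejected[] = $name;
            continue;
        }
        if (substr($name, -1) === '/') {
            continue;                                  // directory entry
        }
        if (strpos($name, '..') !== false || $name[0] === '/') {
            $rejected[] = $name;                       // traversal or absolute path
            continue;
        }
        if (!allowlist_allows($name, $allowed)) {
            $rejected[] = $name;
        }
    }
    return $rejected;
}

// --- demonstration with constructed names ---
$uploadTypes = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt'];
$themeTypes  = ['htm', 'html', 'css', 'js', 'png', 'jpg', 'svg', 'yaml', 'md'];

foreach (['shell.pht', 'shell.phar', 'photo.jpg', 'photo.php.jpg', '.htaccess'] as $n) {
    printf("%-14s blacklist: %-5s allowlist: %s\n", $n,
        blacklist_allows($n) ? 'pass' : 'block',
        allowlist_allows($n, $uploadTypes) ? 'pass' : 'block');
}

printf("replace photo.jpg with photo.php: %s\n",
    replace_allowed('photo.jpg', 'photo.php', $uploadTypes) ? 'allowed' : 'refused');

$archive = ['theme/', 'theme/pages/index.htm', 'theme/assets/site.css',
            'theme/.htaccess', 'theme/assets/shell.php', '../outside.htm'];
print_r(rejected_archive_entries($archive, $themeTypes));
```

Name checks do not cover the other half of the Craft entry, PHP embedded in a file that genuinely is a .jpg, so uploads and theme assets should also be served from a location where the web server does not execute PHP at all; on Apache that means AllowOverride off for that directory as well, so an uploaded .htaccess cannot switch execution back on.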