1622 matches found
CVE-2017-16941
October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by downloading a theme ZIP archive from /backend/cms/themes, and then uploading and importing a modified archive with two new files: a .php file and a...
CVE-2017-16903
Vulnerability summary: LvyeCMS up to version 3.1 is susceptible to remote code execution via directory traversal in the dir parameter combined with inline PHP in the content parameter during a template Style add request to index.php. This yields arbitrary PHP code execution on affected servers. T...
Design/Logic Flaw
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserializestripslashes...
CVE-2014-4000
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object, related to calling unserializestripslashes...
Web Viewer 1.0.0.193 (Samsung SRN-1670D) File Upload
Exploit Title: Unrestricted file upload vulnerability - Web Viewer 1.0.0.193 on Samsung SRN-1670D Date: 2017-06-19 Exploit Author: Omar MEZRAG - 0xFFFFFF / www.realistic-security.com Vendor Homepage: https://www.hanwhasecurity.com Version: Web Viewer 1.0.0.193 on Samsung SRN-1670D Tested on: Web...
CVE-2017-16524
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'networksslupload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the...
Unrestricted file upload
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'networksslupload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the...
CVE-2017-16524
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'networksslupload.php' allows remote authenticated attackers to upload and execute arbitrary PHP code via a filename with a .php extension, which is then accessed via a direct request to the...
CometChat Local File Inclusion
Exploit Title: CometChat Vendor Homepage: https://cometchat.com/ Version: 6.2.0 BETA 1 Tested on: Ubuntu Linux 14.04 -------------------------------------------------------------------------------------- In versions of CometChat before version v6.2.0 BETA 1 a bug existed which allowed any...
CometChat < 6.2.0 BETA 1 - Local File Inclusion Vulnerability
Exploit for php platform in category web applications Exploit Title: CometChat Vendor Homepage: https://cometchat.com/ Version: 6.2.0 BETA 1 Tested on: Ubuntu Linux 14.04 -------------------------------------------------------------------------------------- In versions of CometChat before version...
Remote Code Execution (RCE)
genix/cms is vulnerable to remote code execution RCE attacks. A malicious user can upload a module zip file containing arbitrary php code that executes arbitrary commands when extracted by the application...
Code injection
In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme...
CVE-2017-14764
In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module...
CVE-2017-14764
In the Upload Modules page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a module...
Remote Code Execution (RCE)
genix/cms is vulnerable to remote code execution RCE attacks. A malicious user can upload a theme zip file containing arbitrary php code that executes arbitrary commands when extracted by the application...
CVE-2017-14143
The getUserzoneCookie function in Kaltura before 13.2.0 uses a hardcoded cookie secret to validate cookie signatures, which allows remote attackers to bypass an intended protection mechanism and consequently conduct PHP object injection attacks and execute arbitrary PHP code via a crafted userzon...
Unrestricted file upload
Unrestricted file upload vulnerability in webadmin/ajaxfilemanager/ajaxfilemanager.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote authenticated users with admin privileges on the Cloud Manager web console to execute arbitrary PHP code by uploading a file...
AlegroCart Arbitrary Code Execution Vulnerability
AlegroCart is an open source online business solution from the Canadian ALEGROCART team. AlegroCart version 1.2.8 has a remote file inclusion vulnerability in the 'getfile' function of the upload/admin2/controller/reportlogs.php file, which stems from the program failing to detect the 'filepath'...
CVE-2015-8351
PHP remote file inclusion vulnerability in the Gwolle Guestbook plugin before 1.5.4 for WordPress, when allowurlinclude is enabled, allows remote authenticated users to execute arbitrary PHP code via a URL in the abspath parameter to frontend/captcha/ajaxresponse.php. NOTE: this can also be...
Unrestricted file upload
Unrestricted File Upload vulnerability in the fileDenyPattern in sysext/core/Classes/Core/SystemEnvironmentBuilder.php in TYPO3 7.6.0 to 7.6.21 and 8.0.0 to 8.7.4 allows remote authenticated users to upload files with a .pht extension and consequently execute arbitrary PHP code...