1978 matches found
CVE-2020-19822
A remote code execution RCE vulnerability in templateuser.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters...
Remote code execution
A remote code execution RCE vulnerability in templateuser.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters...
CVE-2020-19822
A remote code execution RCE vulnerability in templateuser.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters...
PT-2021-10414 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: ZZCMS version 2018 Description: A remote code execution issue in the template user.php file allows attackers to execute arbitrary PHP code. This is achieved via the ml and title parameters. Recommendations: For ZZCMS version 2018, consider...
D-Link DIR-816 Command Execution Vulnerability (CNVD-2021-67516)
The D-Link DIR-816 is a wireless router from D-Link, Taiwan, China.The D-Link DIR-816 has a security vulnerability that could be exploited by attackers to execute arbitrary php code via the typename parameter...
Code injection
The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control...
CVE-2020-18917
The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control...
CVE-2021-39608
Remote Code Execution RCE vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code...
Remote code execution
Remote Code Execution RCE vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code...
CVE-2021-39608
Remote Code Execution RCE vulnerabilty exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user exeuct arbitrary php code...
Remote code execution
A remote code execution RCE in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file...
Code injection in topthink/think
A remote code execution RCE vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code...
The vulnerability of the config/configuration.php component of the VoIPmonitor traffic analyzer allows a attacker to execute arbitrary PHP code.
The vulnerability of the config/configuration.php component of the VoIPmonitor traffic analyzer is related to incorrect code generation. Exploiting this vulnerability allows a remote attacker to execute arbitrary PHP code...
CVE-2021-36766
Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/singlepage/dashboard/system/environment/logging.php Logging::updatelogging method. User input passed through the logFile request parameter is not properly sanitized before being used in a ca...
CVE-2020-17952
A remote code execution RCE vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code...
CVE-2020-17952
A remote code execution RCE vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code...
Advantech R-SeeNet File Inclusion Vulnerability
Advantech R-SeeNet is an industrial monitoring software from Advantech, Taiwan, China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet suffers from a file inclusion vulnerability, which stems from the failure ...
WordPress 插件路径遍历漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . An authorization issue vulnerability exists in WordPress...
Code injection
Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework before 1.2.2 wp-content/themes/elemin/themify/themify-ajax.php file...
CVE-2020-25414
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code...