CVE-2018-13038

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type...

CVE-2018-13038

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type...

Code injection

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen...

Web Servers PHPMyAdmin Remote Code Execution (CVE-2016-5734)

A remote code execution vulnerability exists in PHPMyAdmin. The vulnerability is caused due to incorrect choosing of delimiters to prevent use of the pregreplace function. Successful exploitation of this vulnerability will allow execution of arbitrary PHP code...

Custom Tokens - Critical - Arbitrary PHP code execution - SA-CONTRIB-2018-041

The Custom Tokens module enables you to create custom tokens for specific replacements that can improve other modules relying on the token API. The module doesn't sufficiently identify that its custom permissions are risky and should only be granted to highly trusted roles. This vulnerability is...

CVE-2018-11736

Pluck before 4.7.7-dev2 is affected by a remote code execution in /data/inc/images.php. An attacker can upload an image/jpeg/.htaccess file to execute arbitrary PHP code, leading to full compromise of affected hosts. The issue is mitigated by upgrading to Pluck 4.7.7-dev2 or applying the fixed re...

GreenCMS 2.3.0603 - Cross-Site Request Forgery / Remote Code Execution Vulnerabilities

Exploit for php platform in category web applications Exploit Title: GreenCMS v2.3.0603 CSRF vulnerability get webshell Exploit Author: xichao Vendor Homepage: https://github.com/GreenCMS/GreenCMS Software Link: https://github.com/GreenCMS/GreenCMS Version: v2.3.0603 CVE : CVE-2018-11670 An issue...

CVE-2018-11670

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect...

CVE-2018-11670

An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect...

WordPress 4.7.x < 4.7.2 REST API 'id' Parameter Privilege Escalation

The WordPress application running on the remote web server is version 4.7.x prior to 4.7.2. It is, therefore, affected by a privilege escalation vulnerability in the REST API due to a failure to properly sanitize user- supplied input to the 'id' parameter when editing or deleting blog posts. An...

ProfileGrid – User Profiles, Groups and Communities <= 2.8.5 - Authenticated Code Execution

The plugin ProfileGrid – User Profiles, Groups and Communities versions prior to 2.8.6 is vulnerable to Arbitrary Code Execution. An authenticated user with a role as low as Subscriber can execute arbitrary PHP code on websites using the plugin. PoC Send an authenticated POST request to...

CVE-2018-0568

Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors...

CVE-2018-0568

Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors...

CVE-2018-10574

site/index.php/admin/trees/add/ in BigTree 4.2.22 and earlier allows remote attackers to upload and execute arbitrary PHP code because the BigTreeStorage class in core/inc/bigtree/apis/storage.php does not prevent uploads of .htaccess files...

xdebug Unauthenticated OS Command Execution

Module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2018-10375

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archivesdo.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename...

CVE-2018-10375

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archivesdo.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename...

Code injection

POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache'setting''ucssocfg' in diy\module\member\models\Membermodel.php and write this code into the...

Cross site request forgery (csrf)

The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the appid parameter to zbusers/plugin/AppCentre/pluginedit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. The component must be accessed directl...

CVE-2018-9847

In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template...