
1978 matches found

Prion
added 2013/12/23 11:55 p.m., 20 views

Authorization

The Content Editing Wizards component in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, 6.0.0 through 6.0.11, and 6.1.0 through 6.1.6 allows remote authenticated backend users to unserialize arbitrary PHP objects, delete arbitrary files, and possibly have other unspecified impacts via an...

CVSS 6.5, AI score 7, EPSS 0.00408
Exploits 0, References 3, Affected Software 1

Tenable Nessus
added 2013/12/14 12:0 a.m., 41 views

LiveZilla 'mobile/php/translation/index.php' 'g_language' Parameter Local File Inclusion

The version of LiveZilla installed on the remote web server fails to properly sanitize user-supplied input to the 'g_language' parameter of the 'mobile/php/translation/index.php' script. A remote, unauthenticated attacker can exploit this issue to view arbitrary files or execute arbitrary PHP code...

CVSS 9.8, AI score 7.7, EPSS 0.54061
Exploits 5, References 3

seebug.org
added 2013/12/12 12:0 a.m., 18 views

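espcms Command Execution Vulnerability, getshell possible (of limited use)

Brief description: as in the title. Details: getshell from the admin backend, of fairly limited use. In the file /datacache/command.php: $CONFIG=Array //ICP filing 'icpbeian'='', //site status 'isclose'=0, //administrator email 'adminemail'='[email protected]', //site URL 'domain'='http://localhost/espcms/', //logging 'islog'=1, ………… After the website system settings are modified in the admin backend, code can be written into command.php; access command.php and pass parameters...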

AI score 7.1
Exploits 0

NVD
added 2013/12/09 4:36 p.m., 35 views

CVE-2013-1349

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter...

CVSS 7.5, AI score 7.7, EPSS 0.70857
Exploits 6, References 4

Prion
added 2013/12/09 4:36 p.m., 14 views

Sql injection

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter...

CVSS 7.5, AI score 8.2, EPSS 0.70857
Exploits 6, References 4, Affected Software 1

Cvelist
added 2013/12/09 11:0 a.m., 42 views

CVE-2013-1349

Eval injection vulnerability in ajax.php in openSIS 4.5 through 5.2 allows remote attackers to execute arbitrary PHP code via the modname parameter...

AI score 7.7, EPSS 0.70857
Exploits 6, References 4

Prion
added 2013/12/07 8:55 p.m., 9 views

Design/Logic Flaw

The json_decode function in plugins/contextreactionblock.inc in the Context module 6.x-2.x before 6.x-3.2 and 7.x-3.x before 7.x-3.0 for Drupal, when using a version of PHP that does not support the json_decode function, allows remote attackers to execute arbitrary PHP code via unspecified vectors...

CVSS 6.8, AI score 8.4, EPSS 0.01087
Exploits 0, References 8, Affected Software 1

Packet Storm
added 2013/12/03 12:0 a.m., 23 views

WordPress OptimizePress Theme File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'uri' class Metasploit3 'WordPress OptimizePress Theme File Upload Vulnerability', 'Description' = %q This module exploits a vulnerability found...

AI score 7.4
Exploits 0

Prion
added 2013/11/18 2:55 a.m., 12 views

Code injection

The Security Screen core/securite/ecransecurite.php before 1.1.8 for SPIP, as used in SPIP 3.0.x before 3.0.12, allows remote attackers to execute arbitrary PHP via the connect parameter...

CVSS 7.5, AI score 7.8, EPSS 0.69494
Exploits 4, References 7, Affected Software 1

0day.today
added 2013/11/17 12:0 a.m., 22 views

WordPress Amplus Cross Site Request Forgery Vulnerability

WordPress Amplus theme suffers from a cross site request forgery vulnerability. Title : Wordpress Amplus Themes CSRF File Upload Vulnerability Author : DevilScreaM Date : 11/17/2013 - 17 November 2013 Category : Web Applications Type : PHP Vendor : http://themeforest.net Download :...

AI score 7
Exploits 0

NVD
added 2013/11/02 7:55 p.m., 24 views

CVE-2013-3631

NAS4Free 9.1.0.1.804 and earlier allows remote authenticated users to execute arbitrary PHP code via a request to exec.php, aka the "Advanced | Execute Command" feature. NOTE: this issue might not be a vulnerability, since it appears to be part of legitimate, intentionally-exposed functionality b...

CVSS 6, AI score 7.1, EPSS 0.49365
Exploits 5, References 2

Packet Storm
added 2013/10/31 12:0 a.m., 31 views

Joomla Joomleague Shell Upload

Exploit Title: joomla comjoomleague execute arbitrary PHP code Exploit Google Dork: inurl:comjoomleague Date: 01-11-2013 Exploit Author: wantexz Vendor Homepage:http://www.joomleague.net/ Software Link:...

AI score 7.4
Exploits 0

Packet Storm
added 2013/10/30 12:0 a.m., 34 views

vTiger CRM 5.3.0 / 5.4.0 Authenticated Remote Code Execution

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'vTigerCRM v5.4.0/v5.3.0 Authenticated Remote Code Execution', 'Description' = %q vTiger CRM allows an authenticated user to upload...

AI score 0.5, EPSS 0.79371
Exploits 6

0day.today
added 2013/10/08 12:0 a.m., 33 views

WordPress Woopra Remote Code Execution

WordPress Woopra plugin remote PHP arbitrary code execution exploit. Exploit Title: woopra plugins execute arbitrary PHP code Exploit Google Dork: inurl:/plugins/woopra/inc/php-ofc-library , inurl:wp-content/plugins/woopra/inc/ Date: 06-10-2013 Exploit Author: wantexz Vendor...

AI score 8.1
Exploits 0

exploitpack
added 2013/10/03 12:0 a.m., 21 views

WordPress Plugin SEO Watcher - ofc_upload_image.php Arbitrary PHP Code Execution

WordPress Plugin SEO Watcher - ofc_upload_image.php Arbitrary PHP Code Execution source: https://www.securityfocus.com/bid/62825/info The SEO Watcher plugin for WordPress is prone to an arbitrary PHP code-execution vulnerability. An attacker can exploit this issue to execute arbitrary PHP code with...

AI score 0.3
Exploits 0

Patchstack
added 2013/10/03 12:0 a.m., 10 views

WordPress SEO Watcher Plugin - Arbitrary PHP Code Execution

SEO Watcher plugin's "ofc_upload_image.php" is prone to an arbitrary PHP code execution vulnerability. It allows an attacker to execute arbitrary PHP code within the context of the web server. Solution Upgrade the plugin...

AI score 3.9
Exploits 0, References 1, Affected Software 1

Packet Storm
added 2013/10/02 12:0 a.m., 69 views

GLPI 0.84.1 Access Control / Code Injection

Advisory ID: HTB23173 Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.84.1 and probably prior Tested Version: 0.84.1 Advisory Publication: September 11, 2013 without technical details Vendor Notification: September 11, 2013 Vendor Patch: September 12, 2013 Public Disclosure: October 2, 2013...

CVSS 6.8, AI score 0.6, EPSS 0.63954
Exploits 11

Exploit DB
added 2013/10/02 12:0 a.m., 76 views

GLPI 0.84.1 - Multiple Vulnerabilities

Advisory ID: HTB23173 Product: GLPI Vendor: INDEPNET Vulnerable Versions: 0.84.1 and probably prior Tested Version: 0.84.1 Advisory Publication: September 11, 2013 without technical details Vendor Notification: September 11, 2013 Vendor Patch: September 12, 2013 Public Disclosure: October 2, 2013...

CVSS 6.8, AI score 6.4, EPSS 0.63954
Exploits 11

Metasploit
added 2013/09/17 5:32 a.m., 11 views

Astium Remote Code Execution

This module exploits vulnerabilities found in Astium astium-confweb-2.1-25399 RPM and lower. A SQL Injection vulnerability is used to achieve authentication bypass and gain admin access. From an admin session arbitrary PHP code upload is possible. It is used to add the final PHP payload to...

AI score 0.8
Exploits 0

htbridge
added 2013/09/11 12:0 a.m., 385 views

Remote Code Execution in GLPI

High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in GLPI, which can be exploited to bypass security restrictions and execute arbitrary PHP code with privileges of web server. 1 Improper Access Control in GLPI The vulnerability exists due to insufficient access restrictio...

CVSS 10, AI score 1.9, EPSS 0.63954
Exploits 11, Affected Software 1