CVE-2025-56295

CVE-2025-56295 affects the code-projects Computer Laboratory System 1.0. The issue is a file upload vulnerability in the avatar modification flow, where the upload feature does not restrict file types, enabling staff to upload malicious PHP backdoor files. This can be leveraged to establish a web...

PT-2025-34810 · Unknown · Badaso Cms

Name of the Vulnerable Software and Affected Versions: Badaso CMS version 2.9.11 Description: The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is accessed via its URL, the...

CVE-2012-10042

Sflog! CMS 1.0 contains an authenticated arbitrary file upload vulnerability in the blog management interface. The application ships with default credentials admin:secret and allows authenticated users to upload files via manage.php. The upload mechanism fails to validate file types, enabling...

Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload

The plugin does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites. 1 As an Author, upload a picture via http://vulnerable-site.tld/wp-admin/upload.php 2 Press on the new picture's thumbnail to see the attachment's details 3...

CVE-2022-26479

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file which can be created via an rsync backdoor causes all API calls to execute as admin without authentication...

CVE-2022-26479

An issue was discovered in Poly EagleEye Director II before 2.2.2.1. Existence of a certain file which can be created via an rsync backdoor causes all API calls to execute as admin without authentication...

Flaw in Elementor and Beaver Addons Let Anyone Hack WordPress Sites

Attention WordPress users! Your website could easily get hacked if you are using "Ultimate Addons for Beaver Builder," or "Ultimate Addons for Elementor" and haven't recently updated them to the latest available versions. Security researchers have discovered a critical yet easy-to-exploit...

Apple Mac OSX 10.910 - Local Privilege Escalation

Apple Mac OSX 10.910 - Local Privilege Escalation / osx-irony-assist.m Copyright c 2010 by Apple MACOS X include import import / where you want to write it! / define BACKDOORBIN "/var/db/.AccessibilityAPIEnabled" int doassistivecopyconst char spath, const char dpath NSAutoreleasePool pool =...

Multiple Web Servers king injector Backdoor Command Execution

A command execution vulnerability has been reported in multiple Web servers. The vulnerability is due to the existence of a backdoor file on the Web server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

WebRooT Hack Tools

A command execution vulnerability has been reported in multiple PHP servers. The vulnerability is due to the existence of a backdoor file on the PHP server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

Multiple PHP Servers B374kshell Backdoor Command Execution

A command execution vulnerability has been reported in multiple PHP servers. The vulnerability is due to the existence of a backdoor file on the PHP server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

MAARCH 1.4 - SQL Injection / Arbitrary File Upload Vulnerabilities

Exploit for php platform in category web applications / Exploit Title: Maarch 1.4 SQL Injection Google Dork: intext:"Maarch Maerys Archive v2.1 logo" Date: 29/10/2014 Exploit Author: Adrien Thierry Exploit Advisory:...

Multiple PHP Servers C99shell Backdoor Command Execution

A command execution vulnerability has been reported in multiple PHP servers. The vulnerability is due to the existence of a backdoor file on the PHP server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

Multiple PHP Servers DQ99shell Backdoor Command Execution

A command execution vulnerability has been reported in multiple PHP servers. The vulnerability is due to the existence of a backdoor file on the PHP server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

Multiple PHP Servers SyrianShell Backdoor Command Execution

A command execution vulnerability has been reported in multiple PHP servers. The vulnerability is due to the existence of a backdoor file on the PHP server within a specific library. A remote attacker can exploit this vulnerability by sending a request to the malicious backdoor file...

6KBBS system to break the back door file-vulnerability warning-the black bar safety net

From:Dream an end Hello, I'm Dream an end. See the September the the hackers Handbook the lone water around the city, my brother wrote that article, the alarm bells ringing-the vigilant hidden in the web site behind the trap of feeling quite a lot. In this crazy Internet era, made a rookie your o...