248 matches found
CVE-2024-58280
CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...
CVE-2024-58280 CMSimple 5.15 Remote Command Execution via Extensions Configuration
CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...
CVE-2024-58280
CVE-2024-58280 affects CMSimple 5.15 and enables authenticated remote code execution via the Extensions configuration: an attacker can append ",php" to Extensions_userfiles and upload a PHP shell to the media directory, enabling arbitrary code execution on the server. The available sources confir...
CVE-2024-58280 CMSimple 5.15 Remote Command Execution via Extensions Configuration
CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...
CMSimple 安全漏洞
CMSimple is a free content management system from CMSimple Open Source. A security vulnerability exists in CMSimple version 5.15 that originates from an authenticated user being able to modify file extensions and upload malicious PHP files, which could lead to remote command execution...
CVE-2025-63589
A reflected XSS vulnerability exists in CMSimpleXH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML navigation links, breadcrumbs, search form action, footer links. An attacker-controlled string placed in the...
CVE-2025-63589
A reflected XSS vulnerability exists in CMSimpleXH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML navigation links, breadcrumbs, search form action, footer links. An attacker-controlled string placed in the...
PT-2025-45332
Name of the Vulnerable Software and Affected Versions CMSimple XH version 1.8 Description A reflected Cross-Site Scripting XSS issue exists in the index.php router. The issue occurs because attacker-controlled path segments are not properly sanitized or encoded before being included in the...
CVE-2025-63589
A reflected XSS vulnerability exists in CMSimpleXH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML navigation links, breadcrumbs, search form action, footer links. An attacker-controlled string placed in the...
CVE-2025-63589
A reflected XSS vulnerability exists in CMSimpleXH 1.8's index.php router when attacker-controlled path segments are not sanitized or encoded before being inserted into the generated HTML navigation links, breadcrumbs, search form action, footer links. An attacker-controlled string placed in the...
EUVD-2008-2645
Malware in sbrugna...
EUVD-2014-2259
Malware in sbrugna...
EUVD-2018-11197
Malware in sbrugna...
EUVD-2005-2393
Malware in sbrugna...
EUVD-2018-11196
Malware in sbrugna...
EUVD-2007-0549
Malware in sbrugna...
EUVD-2007-0608
Malware in sbrugna...
EUVD-2021-30649
Malicious code in bioql PyPI...
EUVD-2024-53624
Malicious code in bioql PyPI...
EUVD-2024-53623
Malicious code in bioql PyPI...