CVE-2025-62521

Summary: CVE-2025-62521 affects ChurchCRM before 5.21.0. A pre-authentication RCE exists in the setup wizard due to unsanitized user input in setup/routes/setup.php, which is directly concatenated into a PHP configuration template and written to Include/Config.php, then executed on every page loa...

Linux Distros Unpatched Vulnerability : CVE-2018-17567

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the include key in the...

Jekyll Arbitrary File Access Vulnerability

Jekyll is a static website generator. A security vulnerability exists in Jekyll version 3.6.2 and earlier, version 3.7.x through 3.7.3, and version 3.8.x through 3.8.3. An attacker can exploit the vulnerability by specifying a symbolic link in the 'include' key of the 'config.yml' file to access...

PT-2007-4474 · Mybloggie · Mybloggie

Name of the Vulnerable Software and Affected Versions: myBloggie version 2.1.5 Description: The issue allows remote attackers to potentially execute arbitrary PHP code via a URL in the bloggie root path parameter to several PHP files, including config.php, db.php, template.php, functions.php,...

pov-rfi.txt

=============================== phporacleview = pagedir Remote File Inclusion Exploit =============================== Discoverd By : Alkomandoz Hacker HomePge= Asb-May.Net & Mohandko.com & Sniper-sa.com & Tryag.com ================================ Script Name: phporacleview Download Script:...