10 matches found
EUVD-2022-49691
Malicious code in bioql PyPI...
CVE-2021-36573
File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload...
GHSA-67MH-HW8V-X8V9 FeehiCMS Unrestricted Upload vulnerability
File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload...
CVE-2021-36573
File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload...
PT-2022-27774 · Apache +1 · Apache Http Server +1
Name of the Vulnerable Software and Affected Versions: Akeneo PIM Community Edition versions prior to v5.0.119 and v6.0.53 Description: Akeneo PIM is an open source Product Information Management PIM that allows remote authenticated users to execute arbitrary PHP code on the server by uploading a...
DEBIAN-CVE-2021-44123
SPIP 4.0.0 is affected by a remote command execution vulnerability. To exploit the vulnerability, an attacker must craft a malicious picture with a double extension, upload it and then click on it to execute it...
PT-2022-11998 · Spip +2 · Spip +2
Name of the Vulnerable Software and Affected Versions: SPIP version 4.0.0 Description: The issue is a remote command execution vulnerability. To exploit it, an attacker must craft a malicious picture with a double extension, upload it, and then click on it to execute it. Recommendations: For SPIP...
CVE-2019-8942
WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code execution because an wpattachedfile Post Meta entry can be changed to an arbitrary string, such as one ending with a .jpg?file.php substring. An attacker with author privileges can execute arbitrary code by uploading a crafted image...
Red Hat VDSM Denial of Service Vulnerability
Red Hat Ovirt is an open source virtualization management platform from Red Hat, an open source version of RHEV Platform for Enterprise Virtualization, consisting of an ovirt-node client and an overt-engine manager. vdsm is a virtual desktop server manager that facilitates communication between t...
KGB 1.87 (Local Inclusion) Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ? $devilteam = " ::::::::: :::::::::: ::: ::: ::::::::::: ::: :+: :+: :+: :+: :+: :+: :+: +:+ +:+ +:+ +:+ +:+ +:+ +:+ ++ +:+ +++:++ ++ +:+ ++ ++ ++ ++ ++ ++ ++ ++ ++ + + + +++ + + ::::::::::: :::::::::: ::: :::: :::: :+: :+: :...