WordPress Custom PHP Settings plugin <= 2.3.1 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Custom PHP Settings versions = 2.3.1...

CVE-2025-39601

Cross-Site Request Forgery CSRF vulnerability in WPFactory Custom CSS, JS & PHP custom-css allows Remote Code Inclusion.This issue affects Custom CSS, JS & PHP: from n/a through = 2.4.1...

Exploit for OS Command Injection in Php

PHP-CGI Injector 🚀 CVE-2024-4577 & CVE-2024-8926 Exploit To...

Exploit for CVE-2024-9698

CVE-2024-9698 Crafthemes Demo Import " 🔥 Example O...

CVE-2023-35809

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST API. By using a crafted request, custom PHP code can be injected through the REST API because of missing input validation. Regular user privileges...

CVE-2023-35809

An issue was discovered in SugarCRM Enterprise before 11.0.6 and 12.x before 12.0.3. A Bean Manipulation vulnerability has been identified in the REST API. By using a crafted request, custom PHP code can be injected through the REST API because of missing input validation. Regular user privileges...

Real Estate Custom Script - &#039;route&#039; SQL Injection

Exploit Title: Real Estate Custom Script - 'route' SQL Injection Date: 2018-01-31 Exploit Author: 8bitsec Vendor Homepage: https://codecanyon.net/ Software Link: https://codecanyon.net/item/real-estate-custom-script/21268075 Version: 1.0 Tested on: Kali Linux 2.0 | Mac OS 10.13.3 Email:...

F5 Networks BIG-IP : PHP vulnerability (K64412100)

Multiple integer overflows in the mbflstrcut function in ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted mbstrcut call...

Joomla! Component com_PHP 0.1 - Local File Inclusion

Joomla! Component comPHP 0.1 - Local File Inclusion Joomla Custom PHP Pages Component LFI Vulnerability ===================================================== - Discovered by : Chip D3 Bi0s - Email : [email protected] - Date : 2010-05-11 - Where : From Remote ----------------------------------...

Joomla Custom PHP Pages Local File Inclusion

Joomla Custom PHP Pages Component LFI Vulnerability ===================================================== - Discovered by : Chip D3 Bi0s - Email : [email protected] - Date : 2010-05-11 - Where : From Remote ---------------------------------- Affected software description Application : Joomla...

Vulnerability: Bitrix Php inclusion

Vendor: Bitrix Product: Bitrix Site Manager 4.0.x Vulnerability: php including. Consequence: custom php code execution on server Risk: Critical Description: Due to unfiltered SERVERDOCUMENTROOT variable in file “bitrixmodulesmainstart.php”, hacker can upload php script from other server and execu...