2 matches found
PowerCMS XMLRPC API vulnerable to command injection
Overview PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability CWE-74. Sending a specially crafted message by POST method to PowerCMS XMLRPC API may allow arbitrary Perl script execution, and an arbitrary OS command may be executed through it. According to the...
GHOST glibc Vulnerability Affects WordPress and PHP applications
After the disclosure of extremely critical GHOST vulnerability in the GNU C library glibc — a widely used component of most Linux distributions, security researchers have discovered that PHP applications, including the WordPress Content Management System CMS, could also be affected by the bug...