13 matches found
EUVD-2020-10823
Malware in sbrugna...
CVE-2020-18912
An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php...
Code injection
An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php...
CVE-2020-18912
CVE-2020-18912 affects Earcms Ear App v.20181124. A vulnerability allows a remote attacker to execute arbitrary code via the endpoint uload/index-uplog.php, as reported across multiple sources (NVD entry). The root cause details are not fully elaborated in the provided documents, but the impact i...
Earcms 代码问题漏洞
Earcms is a content management system from Earcms open source. A code issue vulnerability exists in Earcms App version v.20181124, which stems from allowing remote attackers to execute arbitrary code via uload/index-uplog.php...
CVE-2020-18912
An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php...
CVE-2020-18912
An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php...
EarCMS APP has xss vulnerability
EarCMS APP is a PHP open source system. EarCMS APP has an xss vulnerability that can be exploited by attackers to obtain user cookies...
File Upload Vulnerability in EarCMS Frontend
EarCMS is a PHP open source system. EarCMS has a file upload vulnerability in the frontend that can be exploited by an attacker to upload malicious files, the vulnerability can be used to gain server privileges...
CVE-2017-11756
In Earcms Ear Music through 4.1 build 20170710, remote authenticated users can execute arbitrary PHP code by changing the allowable music-upload extensions to include .php in addition to .mp3 and .m4a in admin.php?iframe=configupload, and then using user.php/music/add/ to upload the code...
CVE-2017-11756
CVE-2017-11756 affects Earcms Ear Music up to version 4.1 (build 20170710). The flaw allows remote authenticated users to execute arbitrary PHP code by altering the music-upload allowed extensions (adding .php alongside .mp3 and .m4a) via admin.php?iframe=config_upload, then uploading through use...
earcms audio.php has an arbitrary file download vulnerability
Ear Music Ear Music is an interface using Discuz background style and UCHome user center style combined with the core by the high-speed template engine and caching mechanism and other frameworks coexist PHP open source music system. earcms audio.php arbitrary file download vulnerability. Allow...
Arbitrary file upload vulnerability in earcms uplog.php
Ear Music Ear Music is an interface using Discuz backend style and UCHome user center style combined with the core by the high-speed template engine and caching mechanism and other frameworks coexist PHP open source music system. earcms uplog.php arbitrary file upload vulnerability , attackers ca...