CVE-2005-4423

Unrestricted file upload vulnerability in PHPFM before 0.2.3 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension to an accessible directory, as demonstrated using a file with a .php extension, aka "upload phpshell."...

Ovidentia 代码问题漏洞

Ovidentia is an open source content management system and collaboration platform based on PHP and MySQL from the French team Cantico, which can be used for publishing and managing projects, publication and article management, schedule sharing, and more. A security vulnerability exists in Ovidenti...

Reservation Management System 1.0 Cross Site Request Forgery

============================================================================================================================================= | Title : Reservation Management System 1.0 CSRF Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozilla firefox 129.0.1 ...

BIT-ABANTECART-2022-26521

Abantecart through 1.3.2 allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the CatalogMedia ManagerImages settings can be changed by an administrator e.g., by configuring .php to be a valid image file type...

BACKCLICK 路径遍历漏洞

BACKCLICK is a marketing software from BACKCLICK Germany that helps organizations create, implement, measure and run web-based email campaigns. A security vulnerability exists in BACKCLICK Professional version 5.9.63 that stems from improper validation or cleanup of uploaded filenames, where an...

CVE-2022-26149

MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator...

CVE-2022-26149

MODX Revolution up to version 2.8.3-pl is affected by an authenticated RCE: an admin can upload an executable file by abusing the Uploadable File Types setting, then execute code via the Media Browser. Exploitation details and proof-of-concept scripts are present in public advisories (e.g., Explo...

CVE-2020-25406

app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to upload files to upload executable files...

Lemocms Code Issues Vulnerabilities

Lemocms is a backend administration site builder developed by Lemocms Community based on ThinkPhp. A security vulnerability exists in lemocms version 1.8.x. The vulnerability stems from allowing users to upload files to upload executable files in appadmincontrollersysUploads.php...

Path traversal

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software V2.0 and earlier when accessing a vulnerable method of SoundUploadServlet which may lead to uploading executable files to non-specified directories...

TestLink File Upload Vulnerability

TestLink is a set of open source software for managing the software testing process and providing statistical analysis. A file upload vulnerability exists in the keywordImport.php file in TestLink version 1.9.20. A remote attacker can exploit this vulnerability by uploading a file with an...

Unspecified Vulnerability in IBM Planning Analytics

IBM Planning Analytics is a suite of business planning and analytics solutions from IBM USA. The solution supports automated execution of processes such as business planning, budgeting and analysis. A security vulnerability exists in My Account Portal in IBM Planning Analytics version 2.0. An...

CVE-2019-15751

An unrestricted file upload vulnerability in SITOS six Build v6.2.1 allows remote attackers to execute arbitrary code by uploading a SCORM file with an executable extension. This allows an unauthenticated attacker to upload a malicious file containing PHP code to execute operating system commands...

CVE-2014-0607

Unrestricted file upload vulnerability in Attachmate Verastream Process Designer VPD before R6 SP1 Hotfix 1 allows remote attackers to execute arbitrary code by uploading and launching an executable file...

CVE-2013-6810

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition CMCNE, HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file...

Code injection

The server in Brocade Network Advisor before 12.1.0, as used in EMC Connectrix Manager Converged Network Edition CMCNE, HP B-series SAN Network Advisor, and possibly other products, allows remote attackers to execute arbitrary code by using a servlet to upload an executable file...

CVE-2011-5069

Unrestricted file upload vulnerability in incidentattachments.php in Support Incident Tracker aka SiT! 3.65 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in unspecified directory, a...

Dedecms V5可执行文件上传漏洞

这是一个比较有意思的东西，但是成功利用起来并不容易，呵呵。 首先看configrglobals.php文件，摘的一段代码如下。这里作者本意是为了帮我们注册变量的，但是他却疏忽了我们不但能注册变量，还能覆盖一些变量。configrglobalsmagic.php也有同样的问题 ………………………………………………………………………… ifisarray$GET foreach$GET AS $key = $value $$key = $value; //可以覆盖任意变量 ………… …………………………………………………………………………...

DoKuWiki file-upload vulnerabilities

ADZ Security Team =================== Info Program: DoKuWiki Version: 2005-02-18 Module: media.php Bug type: File Upload bug Vendor site: http://wiki.splitbrain.org/ Vendor Informed: Yes =================== Bug Info Remote user with file-upload privileges can upload anyone file with any...