Lucene search
+L

84 matches found

cnvd
cnvd
added 2016/05/21 12:0 a.m.3 views

MeshCMS Command Injection Vulnerability

MeshCMS is an online editing system developed by JAVA. The parameter "exportCommand" in the MeshCMS staticexport2.jsp file has command injection. The attacker is able to execute malicious commands...

7.5AI score
Exploits0References1
prion
prion
added 2013/04/26 3:34 a.m.28 views

Design/Logic Flaw

phpMyAdmin 3.5.x before 3.5.8 and 4.x before 4.0.0-rc3, when a SaveDir directory is configured, allows remote authenticated users to execute arbitrary code by using a double extension in the filename of an export file, leading to interpretation of this file as an executable file by the Apache HTT...

4.6CVSS7.7AI score0.08753EPSS
Exploits7References10Affected Software1
ptsecurity
ptsecurity
added 2012/10/08 12:0 a.m.6 views

PT-2012-1866 · WordPress · Backwpup

Name of the Vulnerable Software and Affected Versions: BackWPup plugin versions prior to 1.7.2 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the wpabs parameter in the wp xml export.php file. Recommendations: For versions prior to 1.7.2, update to versi...

7.5CVSS7.3AI score0.10403EPSS
Exploits1References12
zdt
zdt
added 2011/10/11 12:0 a.m.25 views

WordPress GD Star Rating plugin <= 1.9.10 SQL Injection

Exploit for php platform in category web applications Exploit Title: WordPress GD Star Rating plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- ./export.php requireonce"./code/cls/export.php"; ... if isset$GET"ex" $exporttype = $GET"ex"...

7.1AI score
Exploits0
Rows per page
Query Builder