22 matches found

CNNVD
added 2026/02/16 12:0 a.m. · 3 views

Smoothwall Express Cross-Site Scripting Vulnerability

Smoothwall Express is Smoothwall's open-source GNU/Linux-based firewall operating system. Smoothwall Express has a cross-site scripting vulnerability that stems from a lack of effective filtering of user-supplied data in the EXT, DESTPORT or COMMENT parameter of the xtaccess.cgi endpoint...

CVSS 6.1 · AI score 5.9 · EPSS 0.00117
Exploits 1 · References 3
NVD
added 2025/10/14 8:15 p.m. · 5 views

CVE-2025-61675

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions prior to 16.0.92 for FreePBX 16 and versions prior to 17.0.6 for FreePBX 17, the Endpoint Manager module contains authenticated SQL injection vulnerabilities affecting multiple parameters in the...

CVSS 8.6 · EPSS 0.05373
Exploits 6 · References 1
RedhatCVE
added 2025/05/22 5:47 a.m. · 1 views

CVE-2017-14399

In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajaxrename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php...

CVSS 8.8 · AI score 8.9 · EPSS 0.00381
Exploits 0 · References 1
OSV
added 2023/10/25 6:17 p.m. · 1 views

CVE-2023-45554

File Upload vulnerability in zzzCMS v.2.1.9 allows a remote attacker to execute arbitrary code via modification of the imageext parameter from jpg, jpeg,gif, and png to jpg, jpeg,gif, png, pphphp...

CVSS 9.8 · AI score 6.1 · EPSS 0.09534
Exploits 1 · References 1
CNNVD
added 2023/02/03 12:0 a.m. · 1 views

portfolioCMS Race Condition Vulnerability

PortfolioCMS is a Bootstrap portfolio website with an admin panel. A race condition vulnerability exists in portfolioCMS version 1.0.0. A remote attacker can exploit this vulnerability to execute arbitrary code via the fileExt parameter of localhost/admin/uploads.php...

CVSS 8.1 · AI score 7.8 · EPSS 0.00653
Exploits 1 · References 2
Positive Technologies
added 2023/02/03 12:0 a.m. · 2 views

PT-2023-12283 · Unknown · Portfoliocms

Name of the Vulnerable Software and Affected Versions: portfolioCMS version 1.0 Description: A race condition issue allows remote attackers to execute arbitrary code by exploiting the fileExt parameter in the localhost/admin/uploads.php API endpoint. Recommendations: For portfolioCMS version 1.0,...

CVSS 8.1 · AI score 8.3 · EPSS 0.00653
Exploits 1 · References 4
Huntr
added 2022/11/15 10:54 a.m. · 17 views

Path Traversal that leads to Remote Code Execution via PHP file upload

📜 Description A path traversal attack also known as directory traversal aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash ../” sequences and its variations or by using absolute file paths, it may be...

AI score 1.4
Exploits 0 · References 1
Packet Storm
added 2021/11/17 12:0 a.m. · 629 views

SuiteCRM 7.11.18 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SuiteCRM Log File Remote Code Execution', 'Description' = %q This module exploits an input validation error on the log file extension parameter. ...

CVSS 9 · AI score 8.6 · EPSS 0.49533
Exploits 12
Positive Technologies
added 2021/08/20 12:0 a.m. · 1 views

PT-2021-11130 · Rconfig · Rconfig

Name of the Vulnerable Software and Affected Versions: rConfig versions 3.9.5 Description: An arbitrary file deletion issue allows attackers to delete files by sending a crafted request to "/lib/ajaxHandlers/ajaxDeleteAllLoggingFiles.php" and specifying a path in the path parameter and an extensi...

CVSS 9.1 · AI score 9 · EPSS 0.01419
Exploits 1 · References 5
CNNVD
added 2021/08/20 12:0 a.m. · 1 views

rConfig Security Vulnerability

rConfig is an open source network configuration management utility. rConfig 3.9.5 contains an arbitrary file deletion vulnerability. An attacker could exploit the vulnerability by sending a crafted request to /lib/ajaxHandlers/ajaxDeleteAllLoggingFiles.php and specifying a path in...

CVSS 9.1 · AI score 5.8 · EPSS 0.01419
Exploits 1 · References 3
CNVD
added 2021/07/20 12:0 a.m. · 24 views

WordPress W3 Total Cache plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress plugin W3 Total Cache in versions prior to 2.1.4, which stems from a lack of validation of client-side data in the "extension" parameter of t...

CVSS 6.1 · AI score 2.1 · EPSS 0.04634
Exploits 2 · References 1
OSV
added 2021/07/19 11:15 a.m. · 2 views

CVE-2021-24436

The W3 Total Cache WordPress plugin before 2.1.4 was vulnerable to a reflected Cross-Site Scripting (XSS) security vulnerability within the "extension" parameter in the Extensions dashboard, which is output in an attribute without being escaped first. This could allow an attacker, who can convince ...

CVSS 6.1 · AI score 5.6 · EPSS 0.04634
Exploits 2 · References 1
OSV
added 2021/07/19 11:15 a.m. · 0 views

CVE-2021-24452

The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript...

CVSS 6.1 · AI score 5.6
Exploits 0 · References 1
CNNVD
added 2021/07/19 12:0 a.m. · 3 views

WordPress and W3 Total Cache Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. A cross-site scripting vulnerability exists in the WordPress plugin W3 Total Cache in versions prior to 2.1.4, which stems from a lack of validation of client-side data in the "extension" parameter of t...

CVSS 6.1 · AI score 5.5 · EPSS 0.04634
Exploits 2 · References 2
CNNVD
added 2021/07/19 12:0 a.m. · 2 views

WordPress Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin W3 Total Cache prior to version...

CVSS 6.1 · AI score 5.9 · EPSS 0.03377
Exploits 2 · References 2
NVD
added 2019/07/17 8:15 p.m. · 12 views

CVE-2019-13493

In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library and File Manager. An authenticated unprivileged user can modify the uploaded file extension parameter to inject arbitrary JavaScript...

CVSS 5.4 · AI score 5.2 · EPSS 0.00188
Exploits 5 · References 1
Exploit DB
added 2019/07/11 12:0 a.m. · 201 views

Sitecore 9.0 rev 171002 - Persistent Cross-Site Scripting

Exploit Title: Stored Cross Site Scripting XSS in Sitecore 9.0 rev 171002 Date: July 11, 2019 Exploit Author: Owais Mehtab Vendor Homepage: http://www.sitecore.net/en Version: 9.0 rev. 171002 Tested on: Sitecore Experience Platform 8.1 Update-3 i.e.; 8.1 rev. 160519 CVE : CVE-2019-13493 Vendor...

CVSS 5.4 · AI score 5.8 · EPSS 0.00188
Exploits 5
OSV
added 2019/03/21 4:1 p.m. · 0 views

CVE-2019-8938

VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter...

CVSS 6.1 · AI score 6.3
Exploits 0 · References 3
Prion
added 2017/09/12 9:29 p.m. · 9 views

Unrestricted file upload

In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajaxrename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php...

CVSS 6.5 · AI score 8.6 · EPSS 0.00381
Exploits 0 · References 1 · Affected Software 1
NVD
added 2017/09/12 9:29 p.m. · 8 views

CVE-2017-14399

In BlackCat CMS 1.2.2, unrestricted file upload is possible in backend\media\ajaxrename.php via the extension parameter, as demonstrated by changing the extension from .jpg to .php...

CVSS 8.8 · AI score 8.7 · EPSS 0.00381
Exploits 0 · References 1