39 matches found
CVE-2025-68109
ChurchCRM is an open-source church management system. In versions prior to 6.5.3, the Database Restore functionality does not validate the content or file extension of uploaded files. As a result, an attacker can upload a web shell file and subsequently upload a .htaccess file to enable direct...
EUVD-2019-6592
Malware in sbrugna...
CVE-2023-50982
Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because uploadaction and editaction in AdminSmileysController do not check the file extension. This leads to remote code execution with the privileges of the www-data user. The fixed versions are 5.3.4, 5.2.6, 5.1.7,...
CVE-2019-14924
An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available the credential of the app, for...
CVE-2017-11178
In FineCMS through 2017-07-11, application/core/controller/style.php allows remote attackers to write to arbitrary files via the contents and filename parameters in a route=style action. For example, this can be used to overwrite a .php file because the file extension is not checked...
CVE-2015-7309
The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, which allows remote authenticated users to execute arbitrary code by renaming a crafted file and then directly accessing it...
DNN 安全漏洞
DNN aka DotNetNuke is a Microsoft-supported, open-source content management system CMS based on the ASP.NET platform from the U.S. company DNN. The system is easy to install, scalable and feature-rich. A security vulnerability exists in DNN versions prior to 9.13.2, which stems from the fact that...
CVE-2024-46441
CVE-2024-46441 affects YPay 1.2.0. The vulnerability arises from an arbitrary file upload where ZIP archives are processed by themePutFile (app/common/util/Upload.php) called from app/admin/controller/ypay/Home.php, with the uncompressed file extension not being checked. Impact stated is arbitrar...
Design/Logic Flaw
An issue in Tecrail Responsive FileManager v9.9.5 and below allows attackers to bypass the file extension check mechanism and upload a crafted PHP file, leading to arbitrary code execution...
CVE-2021-24347
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be...
PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload
Exploit Title: PHP-Fusion 9.03.50 - 'Edit Profile' Arbitrary File Upload Date: 2020-04-24 Author: Besim ALTINOK Vendor Homepage: https://www.php-fusion.co.uk/home.php Software Link: https://sourceforge.net/projects/php-fusion/files/PHP-Fusion%20Archives/9.x/PHP-Fusion%209.03.50.zip/download...
CVE-2017-15285
X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 are vulnerable to Remote Code Execution due to improper validation of uploaded file extensions before saving locally. The issue can be exploited by anyone with Vendor access or higher by uploading an image file in a product catalog attachment, then uplo...
CVE-2017-1000002
ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal and file extension check bypass in the Course component resulting in code execution. ATutor versions 2.2.1 and earlier are vulnerable to a directory traversal vulnerability in the Course Icon component resulting in...
CVE-2017-1000002
CVE-2017-1000002 affects ATutor
OV3 Online Administration 3.0 - Remote Code Execution Vulnerability
Exploit for php platform in category web applications !-- OV3 Online Administration 3.0 Authenticated Code Execution Vendor: novaCapta Software & Consulting GmbH Product web page: http://www.meacon.de Affected version: 3.0 Summary: With the decision to use the OV3 as a platform for your data...
PaKnPost Pro 1.14 - Multiple Vulnerabilities
Exploit Title: PaKnPost Pro Arbitrary File Upload & Remote Code Execution Date: 2016-07-06 Product: PaKnPost Pro Vendor Homepage: http://www.paknpost.org Software Link: https://sourceforge.net/projects/paknpost/ Version: =1.14 Tested on: Windows, Linux Exploit Authors: Edvin Rustemagic, Grega...
PaKnPost Pro 1.14 - Multiple Vulnerabilities
Exploit for php platform in category web applications Exploit Title: PaKnPost Pro Arbitrary File Upload & Remote Code Execution Date: 2016-07-06 Product: PaKnPost Pro Vendor Homepage: http://www.paknpost.org Software Link: https://sourceforge.net/projects/paknpost/ Version: =1.14 Tested on:...
蝉知CMS5.3 CRSF getshell
简要描述: 蝉知CMS5.3 CRSF getshell 详细说明: /system/module/package/control.php public function upload$type = 'extension' $this-view-canManage = array'result' = 'success'; if!$this-loadModel'guarder'-verify $this-view-canManage = $this-loadModel'common'-verifyAdmin; if$SERVER'REQUESTMETHOD' == 'POST'...
GoAutoDial CE 3.3-1406088000 - Authentication Bypass Arbitrary File Upload Command Injection
GoAutoDial CE 3.3-1406088000 - Authentication Bypass Arbitrary File Upload Command Injection Affected software: GoAutoDial Affected version: 3.3-1406088000 GoAdmin and previous releases of GoAutodial 3.3 Associated CVEs: CVE-2015-2842, CVE-2015-2843, CVE-2015-2844, CVE-2015-2845 Vendor advisory:...
Malware cleanup to Gravity Forms arbitrary file upload-vulnerability warning-the black bar safety net
Regular malware detection cleanup process, we encountered one case of infection, caused our attention. Our environment does not have any special or fancy stuff, just updated wordpress and 3 expired plug-in; this situation is quite reasonable. The processing process ends, the environment is clean...