2 matches found
File Manager Advanced Shortcode <= 2.3.2 - Unauthenticated Remote Code Execution through shortcode
The plugin does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users. 1. Add the following shortcode to a...
Webshell Bypass Vulnerability in Web Security Dog (Apache Edition)
Website Security Dog APACHE Edition is a server tool that integrates website content security protection, website resource protection and website traffic protection functions to fully protect website security. Website Security Dog Apache Edition has a webshell bypass vulnerability that can be...