SiempreCMS 代码问题漏洞

SiempreCMS is a content management system of SiempreCMS open source. A code issue vulnerability exists in SiempreCMS version 1.3.6 and earlier, which stems from an incorrect operation of the file /docs/admin/fileupload.php resulting in an unrestricted upload...

CVE-2024-0864 RCE in Laragon

Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote code execution RCE attack via an improper input validation in a fileupload.php file which serves as an example. By default, Laragon is not vulnerable until a user decides to use the aforementioned...

CVE-2017-12071

CVE-2017-12071 is a server-side request forgery (SSRF) vulnerability in the Synology Photo Station component, affecting file_upload.php. The issue allows remote authenticated users to download arbitrary local files via the url parameter in versions prior to 6.7.4-3433 and 6.3-2968. Documented sou...

CVE-2006-3528

Multiple PHP remote file inclusion vulnerabilities in Simpleboard Mambo module 1.1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the sbp parameter to 1 imageupload.php and 2 fileupload.php...

Mambo Component SimpleBoard 1.1.0 - Remote File Inclusion

Bug Found by h4ntu http://h4ntu.com batamhacker crew Another Mambo component remote inclusion vulneribility download : http://mamboxchange.com/frs/download.php/6920/Simpleboard-1.1.0-Stable.zip bug found in file fileupload.php : requireonce"$sbp/sbhelpers.php"; inject :...