415 matches found
CVE-2024-48700
Kliqqi-CMS has a background arbitrary code execution vulnerability that attackers can exploit to implant backdoors or getShell via the editpage.php component...
CVE-2024-48700
CVE-2024-48700 concerns Kliqqi-CMS where a background arbitrary code execution flaw via the edit_page.php component could allow attackers to implant backdoors or obtain a shell. Public sources describe the vulnerability but do not provide concrete exploitation details or remediation status in the...
CVE-2024-48700
Kliqqi-CMS has a background arbitrary code execution vulnerability that attackers can exploit to implant backdoors or getShell via the editpage.php component...
New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection Attacks
A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific APAC region since at least September 2023. "GambleForce uses a set of basic yet very effective techniques, including SQL injections and th...
CVE-2023-48965
An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file...
CVE-2023-48965
An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file...
CVE-2023-48965
An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file...
Exploit for Path Traversal in Fit2Cloud Jumpserver
CVE-2023-42819 CVE-2023-42819 Description of the Vulne...
CVE-2022-46020
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type...
Design/Logic Flaw
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type...
CVE-2022-46020
WBCE CMS v1.5.4 is affected by CVE-2022-46020, a remote code execution vulnerability caused by allowing getshell via modification of the upload file type. The NVD/Nuclei and related sources describe a critical flaw (CVSS v3.1: 9.8) with network attack vector, no privileges required, and high impa...
CVE-2022-46020
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type...
WBCE CMS 代码问题漏洞
WBCE CMS is an open source content management system CMS based on PHP and MySQL. A security vulnerability exists in WBCE CMS v1.5.4, which originates from a getshell that can be realized by modifying the upload file type...
CVE-2022-46020
WBCE CMS v1.5.4 can implement getshell by modifying the upload file type...
GHSA-59FH-RJQ3-XQ7J Thinkphp has a code logic error
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-44289
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-44289
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-44289
ThinkPHP 5.0.24–5.1.41 contains a code-logic error in the file-upload path that can allow an attacker to obtain shell access (remote code execution) on affected servers. Exploitation details are not provided in the CVE, but multiple sources concur on the vulnerability scope and impact. A fix exis...
CVE-2022-44289
Thinkphp 5.1.41 and 5.0.24 has a code logic error which causes file upload getshell...
CVE-2022-36226
SiteServerCMS 5.X has a Remote-download-Getshell-vulnerability via /SiteServer/Ajax/ajaxOtherService.aspx...