CVE-2020-20698

A remote code execution RCE vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file...

Exploit for CVE-2021-3129

laravel-CVE-2021-3129-EXP CVE-2021-3129: One-click g...

CVE-2020-21786

In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php...

CVE-2020-21786

In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php...

CVE-2020-21786

CVE-2020-21786 affects IBOS 4.5.4 Open. The Arbitrary File Inclusion vulnerability allows getshell via /system/modules/dashboard/controllers/CronController.php. NVD records a base score of 7.5 (HIGH) under CVSS2 and 9.8 (CRITICAL) under CVSS3.1, indicating remote access with no authentication and...

CVE-2020-21787

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php...

CVE-2020-21787

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php...

Unrestricted file upload

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php...

CVE-2020-21787

CVE-2020-21787 concerns CRMEB 3.1.0+ where the UploadService.php endpoint exposes a vulnerable file upload path (/crmeb/crmeb/services/UploadService.php) that can be abused to achieve a getshell. The NVD entry documents a high-severity vulnerability with CVSS v3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H...

CVE-2020-28063

A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell...

CVE-2020-28063

A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell...

puppetCMS Remote Code Execution Vulnerability

puppetCMS is a small, simple, flat file CMS written in PHP. A remote code execution vulnerability exists in puppyCMS version 5.1. The vulnerability stems from insecure permissions. The vulnerability can be exploited by an attacker via /admin/functions.php as a getshell...

CVE-2020-18890

Rmote Code Execution RCE vulnerability in puppyCMS v5.1 due to insecure permissions, which could let a remote malicious user getshell via /admin/functions.php...

Remote code execution

Rmote Code Execution RCE vulnerability in puppyCMS v5.1 due to insecure permissions, which could let a remote malicious user getshell via /admin/functions.php...

CVE-2020-18890

CVE-2020-18890 affects puppyCMS v5.1 (puppyCMS, puppetCMS) with an RCE due to insecure permissions. The vulnerability allows a remote attacker to gain shell access via /admin/functions.php. Root cause: insecure file/permission handling in the admin function. Impact is described as remote code exe...

Exploit for CVE-2021-3129

laravel-CVE-2021-3129-EXP CVE-2021-3129: One-click g...

Exploit for Path Traversal in Saltstack Salt

SaltStack-Exp CVE-2020-11651 CVE-2020-11652 Exec-Master:...

File Upload Vulnerability in Laiku Push Mall System (CNVD-2020-62378)

Laikepush mall system is a system with independent copyright, is an integrated e-commerce system all the functions of the platform. A file upload vulnerability exists in the Laikipu Mall System, which can be exploited by attackers to upload remote files to the server and realize getshell...

Design/Logic Flaw

Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell...

CVE-2020-19672

CVE-2020-19672 affects Niushop B2B2C Multi-business basic version V1.11. The vulnerability allows bypassing the administrator to access the background upload interface, exploiting an upload parameter to bypass getimagesize and upload a PHP file, leading to getshell. This is what the provided docu...