38 matches found
CVE-2021-28428
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and .hello files using the Media Files upload functionality. The original file upload vulnerability CVE-2020-27387 was remediated by restricting the PHP extensions; however, we confirmed that the filter was...
EUVD-2020-21091
Malware in sbrugna...
EUVD-2021-15107
Malware in sbrugna...
EUVD-2022-29847
Malicious code in bioql PyPI...
VulnCheck KEV: CVE-2020-27387
An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker with access to the FileManager to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload which will receiv...
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...
CVE-2020-27387
An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker with access to the FileManager to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload which will receiv...
CVE-2020-28693
An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/...
HorizontCMS Code Issues Vulnerabilities
HorizontCMS is a customer relationship management web platform for individual developers. A security vulnerability exists in HorizontCMS before 1.0.0-beta.3, which can be exploited by attackers to upload .htaccess and .hello files by using the media file upload feature...
CVE-2021-28428
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and .hello files using the Media Files upload functionality. The original file upload vulnerability CVE-2020-27387 was remediated by restricting the PHP extensions; however, we confirmed that the filter was...
CVE-2021-28428
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and .hello files using the Media Files upload functionality. The original file upload vulnerability CVE-2020-27387 was remediated by restricting the PHP extensions; however, we confirmed that the filter was...
Unrestricted file upload
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and .hello files using the Media Files upload functionality. The original file upload vulnerability CVE-2020-27387 was remediated by restricting the PHP extensions; however, we confirmed that the filter was...
CVE-2021-28428
File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and .hello files using the Media Files upload functionality. The original file upload vulnerability CVE-2020-27387 was remediated by restricting the PHP extensions; however, we confirmed that the filter was...
CVE-2021-28428
CVE-2021-28428 affects HorizontCMS up to version 1.0.0-beta.3. The vulnerability lies in the Media Files upload functionality, where an attacker can bypass a prior filter that restricted PHP extensions and upload arbitrary ".htaccess" and "*.hello" files to achieve remote code execution. The orig...
HorizontCMS 代码问题漏洞
HorizontCMS is a customer relationship management web platform for individual developers. A security vulnerability exists in HorizontCMS before 1.0.0-beta.3, which can be exploited by attackers to upload .htaccess and .hello files by using the media file upload feature...
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...
CVE-2022-25104
HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...
Arbitrary file deletion
HorizontCMS v1.0.0-beta.2 was discovered to contain an arbitrary file download vulnerability via the component /admin/file-manager/...
HorizontCMS 安全漏洞
HorizontCMS is a customer relationship management web platform for individual developers. A security vulnerability exists in HorizontCMS, which was discovered to contain an arbitrary file download vulnerability via the /admin/file-manager/ component...