PHPKB Multi-Language 9 image-upload.php Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/ Software Link: https://www.knowledgebase-script.com/pricing.p...

PHPKB Multi-Language 9 - image-upload.php Authenticated Remote Code Execution

PHPKB Multi-Language 9 - image-upload.php Authenticated Remote Code Execution Exploit Title: PHPKB Multi-Language 9 - 'image-upload.php' Authenticated Remote Code Execution Google Dork: N/A Date: 2020-03-15 Exploit Author: Antonio Cannito Vendor Homepage: https://www.knowledgebase-script.com/...

CVE-2018-6943

The CVE-2018-6943 entry concerns the WordPress UltimateMember plugin (v2.0) where core/lib/upload/um-image-upload.php is vulnerable to cross-site scripting due to improper sanitization of input assigned to the $temp variable. This XSS condition is documented across multiple sources (NVD listing a...

CVE-2018-6943

core/lib/upload/um-image-upload.php in the UltimateMember plugin 2.0 for WordPress has a cross-site scripting vulnerability because it fails to properly sanitize user input passed to the $temp variable...