15 matches found
CVE-2026-34234 CtrlPanel: Unauthenticated RCE using installer script
CtrlPanel is open-source billing software for hosting providers. In versions 1.1.1 and prior, the web-based installer public/installer/index.php is vulnerable to unauthenticated Remote Code Execution (RCE) because it performs the install.lock check only after including and executing form handler...
EUVD-2018-5006
Malware in sbrugna...
CVE-2020-21554
A File Deletion vulnerability exists in TinyShop 3.1.1 in the backlist parameter in controllers\admin.php, which could let a malicious user delete any file such as install.lock to reinstall cms...
CVE-2018-20567
An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php allows a reload of the product in opportunistic circumstances in which install.lock cannot be read...
php deserialization vulnerability in dsmall v5.0.6 frontend
The dsmall mall system is a complete B2B2C multi-store mall solution. The system uses the excellent domestic open source framework ThinkPHP, with the H5 end built on vue.js and front-end and back-end separation; it is developed with PHP and MySQL and uses a B/S architecture. dsmall v5.0.6 front-end php deserializati...
CVE-2018-16344
An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock...
CVE-2018-9331
An issue was discovered in zzcms 8.2. user/adv.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter. This can be leveraged for database access by deleting install.lock...
PT-2018-18988 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: zzcms version 8.2 Description: An issue was discovered that allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in the user/adv.php endpoint. This can be leveraged for database access by...
CVE-2018-8969
An issue was discovered in zzcms 8.2. user/licencesave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...
CVE-2018-8969
An issue was discovered in zzcms 8.2. user/licencesave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...
CVE-2018-8965
An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock...
PT-2018-18744 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: zzcms version 8.2 Description: An issue in zzcms allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request to the "user/ppsave.php" endpoint. This can be leveraged...
Arbitrary File Deletion Vulnerability in Xingyunhai CMS v3.5
Xing Yunhai CMS (XYHCMS) is a completely open source content management system (CMS) that is simple and easy to use. XYHCMS V3.5 has an arbitrary file deletion vulnerability: an attacker can use the vulnerability to delete any file, such as deleting install.lock for CMS reinstallation ...
Reinstallation Logic Vulnerability in zzcms V8.0
ZZCMS is a PHP-developed enterprise website builder. A reinstallation logic vulnerability exists in zzcms V8.0. Due to a logic flaw in the check for the installation lock file install.lock, an attacker can exploit the vulnerability to reinstall the system and destroy the program...
YXCMS 1.2.6 Arbitrary File Deletion Allows Reinstall
Brief description: YXCMS 1.2.6 arbitrary file deletion, Reinstall. Details: Prior work: http://wooyun.org/bugs/wooyun-2010-047226 Vulnerable files: protected\apps\admin\controller\photoController.php protected\apps\member\controller\photoController.php Key code: if(!empty($photos['photolist'])) $phoarr=explode(',',$photos['photolist']); foreach ($phoarr as $vo...