Code injection

vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code...

Pandora FMS <= 3.1 Multiple Input Validation Vulnerabilities - Active Check

Pandora FMS is prone to an authentication bypass vulnerability as well as the following input-validation vulnerabilities: - A commandinjection vulnerability - Multiple SQL injection SQLi vulnerabilities - A remote file include RFI vulnerability - An arbitrary PHP code execution vulnerability -...

Online Grades Multiple <= 3.2.5 LFi Vulnerabilities

Online Grades is prone to multiple local file-include vulnerabilities because it fails to properly sanitize user-supplied input. An attacker with admin access can exploit these vulnerabilities to obtain potentially sensitive nformation and to execute arbitrary local scripts in the context of the...