PT-2025-29553 · Unknown +1 · Tikiwiki Cms/Groupware +1

Name of the Vulnerable Software and Affected Versions: Tiki Wiki CMS Groupware versions 15.1 and earlier Description: An unauthenticated arbitrary file upload issue exists in the Tiki Wiki CMS Groupware software. The vulnerability is located within the ELFinder component’s default connector...

CVE-2024-6297

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator...

CVE-2020-19364

OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php...

CVE-2020-19364

OpenEMR 5.0.1 allows an authenticated attacker to upload and execute malicious PHP scripts through /controller.php...

CVE-2020-5844

Pandora FMS v7.0 NG (specifically v7.0NG.742_FIX_PERL2020) is affected by CVE-2020-5844. The vulnerability resides at index.php?sec=godmode/extensions&sec2=extensions/files_repo, where authenticated administrators can upload arbitrary PHP scripts and trigger execution by base64-decoding the file ...

CVE-2020-5844

index.php?sec=godmode/extensions&sec2=extensions/filesrepo in Pandora FMS v7.0 NG allows authenticated administrators to upload malicious PHP scripts, and execute them via base64 decoding of the file location. This affects v7.0NG.742FIXPERL2020...

PhpGedView 2.61 Multiple PHP Remote File Include Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/9368/info PhpGedView is prone to multiple file include vulnerabilities. The source of the issue is that a number of scripts that ship with the software permit remote users to influence require paths for various external...

PhpGroupWare unspecified remote file include vulnerability

The remote host seems to be running PhpGroupWare, is a multi-user groupware suite written in PHP. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Yappa-ng 1.x/2.x - Remote File Inclusion

source: https://www.securityfocus.com/bid/13371/info yappa-ng is prone to a remote file include vulnerability. This issue may let remote attackers include and execute malicious remote PHP scripts. The vendor has not published any specific details about this vulnerability other than stating that i...

Yappa-ng 1.x2.x - Remote File Inclusion

Yappa-ng 1.x2.x - Remote File Inclusion source: https://www.securityfocus.com/bid/13371/info yappa-ng is prone to a remote file include vulnerability. This issue may let remote attackers include and execute malicious remote PHP scripts. The vendor has not published any specific details about this...

PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion

PHPForum 2.0 RC1 - Mainfile.php Remote File Inclusion source: https://www.securityfocus.com/bid/8158/info phpForum is prone to a vulnerability that may permit remote attackers to include and execute malicious PHP scripts. This could be exploited to execute malicious PHP commands in the context of...

VBZoom 1.0 - Arbitrary File Upload

source: https://www.securityfocus.com/bid/5926/info It has been reported that VBZoom 1.01 may allow attackers to upload arbitrary files to a vulnerable system. The vulnerability is the result of VBZoom failing to properly validate the types of files that are received. Validation is done through t...