Arbitrary File Upload

ms-mcms is vulnerable to Arbitrary File Upload. The vulnerability is due to insufficient validation of uploaded ZIP files in the New Template module, allowing attackers to upload crafted files that can be executed on the server, leading to arbitrary code execution...

EUVD-2022-0498

Malicious code in bioql PyPI...

CVE-2022-22929

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

GHSA-77HH-P7R6-66PV Arbitrary File Upload in Mingsoft MCMS

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

Arbitrary File Upload in Mingsoft MCMS

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

CVE-2022-22929

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

CVE-2022-22929

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

CVE-2022-22929

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

Privilege escalation

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

MingSoft Mcms 代码问题漏洞

MingSoft Mcms is a complete open source J2ee system from MingSoft. A security vulnerability exists in MingSoft Mcms v5.2.4, which stems from the lack of file restrictions and filters in the New Template module of the software, leading to an arbitrary file upload vulnerability that can be exploite...

CVE-2022-22929

MCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file...

CVE-2022-22929

CVE-2022-22929 affects MingSoft MCMS v5.2.4, with an arbitrary file upload vulnerability in the New Template module. The vulnerability enables remote code execution via a crafted ZIP file, based on the description in multiple connected sources. Exploitation details, affected versions beyond v5.2....

CVE-2019-10105

CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager...

CVE-2019-10105

CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager...

New Advanced Dynamic Scan Policy Template in Nessus 8

According to Nessus 8.1.0 release notes, Tenable finally solved the problem with Mixed Plugin groups. At least partially. I will briefly describe the problem. Let's say we found out that some Nessus plugins crash our target systems. This happens rarely, but it happens. So, we decided to disable...

Etomite CMS 1.0 Cross Site Scripting

/. /\ /\ /\ /\ / / // | | \ \ \ \ / / / /// / // / / / /// / // | / / \ | | | http://www.etomite.com/files/file/323-etomite-11/ Versions: 1.0 Tested on: Windows7 ------------------------------------------------------------------------------...