74 matches found
EUVD-2015-5410
Malware in sbrugna...
EUVD-2008-0507
Malware in sbrugna...
EUVD-2009-0926
Malware in sbrugna...
EUVD-2021-24251
Malware in sbrugna...
EUVD-2004-2048
Malware in sbrugna...
EUVD-2018-8441
Malware in sbrugna...
CVE-2021-37770
Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with...
CVE-2020-21474
File Upload vulnerability in NucleusCMS v.3.71 allows a remote attacker to execute arbitrary code via the /nucleus/plugins/skinfiles/?dir=rsd parameter...
Nucleus CMS 代码问题漏洞
Nucleus CMS is a website builder. A security vulnerability exists in NucleusCMS version v.3.71, which originates from allowing remote attackers to execute arbitrary code via the /nucleus/plugins/skinfiles/?dir=rsd parameter...
CVE-2021-37770
Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with...
Privilege escalation
Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with...
CVE-2021-37770
CVE-2021-37770 affects Nucleus CMS v3.71. The issue is a file upload vulnerability that bypasses the intended upload controls by enabling an Htaccess file to be written to an AddType mapping (application/x-httpd-php.jpg), allowing the uploaded image to be treated as PHP and execute commands. This...
CVE-2021-37770
Nucleus CMS v3.71 is affected by a file upload vulnerability. In this vulnerability, we can use upload to change the upload path to the path without the Htaccess file. Upload an Htaccess file and write it to AddType application / x-httpd-php.jpg. In this way, an attacker can upload a picture with...
Nucleus CMS 代码问题漏洞
Nucleus CMS is a website builder. A security vulnerability exists in Nucleus CMS version v3.71, which stems from the presence of a file upload vulnerability. An attacker can exploit this vulnerability to obtain sensitive information from a website...
CVE-2018-16636
Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter...
CVE-2018-16636
Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter...
Design/Logic Flaw
Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter...
CVE-2018-16636
Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter...
CVE-2015-5454
Cross-site scripting XSS vulnerability in Nucleus CMS allows remote attackers to inject arbitrary web script or HTML via the title parameter when adding a new item...
Cross site scripting
Cross-site scripting XSS vulnerability in Nucleus CMS allows remote attackers to inject arbitrary web script or HTML via the title parameter when adding a new item...