163 matches found
CVE-2019-9617
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/ueditor/uploadFile URI...
Code injection
CVE-2019-9612
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/comn/service/upload URI...
CVE-2019-9611
An issue was discovered in OFCMS before 1.1.3. It allows admin/cms/template/getTemplates.html?respath=res directory traversal, with ../ in the dir parameter, to write arbitrary content in the filecontent parameter into an arbitrary file specified by the filename parameter. This is related to the...
CVE-2019-9614
CVE-2019-9614 affects OFCMS prior to 1.1.3. A command injection vulnerability exists in a template file that uses ${ ex('') }, enabling execution of arbitrary commands. Multiple connected sources corroborate this flaw and specify that the vulnerability arises from a Freemarker-based template mec...
CVE-2019-9613
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/ueditor/uploadVideo URI...
CVE-2019-9616
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/ueditor/uploadScrawl URI...
CVE-2019-9609
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/comn/service/editUploadImage URI...
CVE-2019-9610
An issue was discovered in OFCMS before 1.1.3. It has admin/cms/template/getTemplates.html?respath=res&updir=../ directory traversal, related to the getTemplates function in TemplateController.java...
CVE-2019-9615
An issue was discovered in OFCMS before 1.1.3. It allows admin/system/generate/create?sql= SQL injection, related to SystemGenerateController.java...
CVE-2019-9608
An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider for example file.jsp::$DATA to the admin/ueditor/uploadImage URI...
CVE-2019-9614
An issue was discovered in OFCMS before 1.1.3. A command execution vulnerability exists via a template file with ' $ ex"' followed by the command...
CVE-2019-9608
CVE-2019-9608 affects OFCMS prior to 1.1.3. The vulnerability arises in the backend ueditor/uploadImage path where blocking of .jsp/.jspx files does not account for file.jsp::$DATA, enabling remote attackers to execute arbitrary code. Public references in CNVD, NVD and Red Hat records corroborate...
CVE-2019-9611
CVE-2019-9611 affects OFCMS prior to 1.1.3. The issue enables a directory traversal via the admin/cms/template/getTemplates.html?res_path=res parameter, allowing ../ in dir to write arbitrary content (file_content) to an arbitrary file (file_name). Root cause: save function in TemplateController....
CVE-2019-9609
CVE-2019-9609 affects OFCMS prior to 1.1.3. The issue arises because blocking of .jsp/.jspx files does not account for file.jsp::$DATA when targeting the admin/comn/service/editUploadImage URI, enabling remote attackers to execute arbitrary code. Product: OFCMS; version: before 1.1.3; component: ...
CVE-2019-9617
CVE-2019-9617 affects OFCMS prior to 1.1.3. The issue is a remote code execution vector where blocking of *.jsp and *.jspx files does not consider file.jsp::$DATA in the admin/ueditor/uploadFile URI, enabling arbitrary code execution. The connected sources confirm the affected product/version and...
CVE-2019-9613
CVE-2019-9613 affects OFCMS prior to 1.1.3. The issue arises in the backend ueditor/uploadVideo handling where blocking of .jsp and .jspx files fails to consider file.jsp::$DATA, enabling remote attackers to execute arbitrary code via the admin/ueditor/uploadVideo URI. Documents consistently desc...
CVE-2019-9615
CVE-2019-9615 affects OFCMS prior to 1.1.3. The backend SQL injection is reachable via admin/system/generate/create?sql= and is attributed to SystemGenerateController.java. The vulnerability allows injection through the SQL parameter, enabling an attacker-controlled query that could impact data in...