9 matches found
CVE-2019-25687
Pegasus CMS 1.0 contains a remote code execution vulnerability in the extrafields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the acti...
CVE-2019-25687
Pegasus CMS 1.0 is affected by a remote code execution vulnerability in the extra_fields.php plugin. The flaw arises from unsafe eval usage, allowing unauthenticated attackers to send malicious PHP code via the action parameter in POST requests to submit.php, achieving code execution and an inter...
CVE-2019-25687 Pegasus CMS 1.0 Remote Code Execution via extra_fields.php
Pegasus CMS 1.0 contains a remote code execution vulnerability in the extrafields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the acti...
CVE-2019-25687
Pegasus CMS 1.0 contains a remote code execution vulnerability in the extrafields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionality. Attackers can send POST requests to the submit.php endpoint with malicious PHP code in the acti...
WISDOM Pegasus CMS 路径遍历漏洞
WISDOM Pegasus CMS is a content management system developed by the Australian company WISDOM. Version 1.0 of WISDOM Pegasus CMS has a path traversal vulnerability. This vulnerability stems from a remote code execution vulnerability in the extrafields.php plugin, which may allow unverified attacke...
Pegasus CMS 1.0 - extra_fields.php Plugin Remote Code Execution
Pegasus CMS 1.0 - extrafields.php Plugin Remote Code Execution Exploit Title: Pegasus extrafields.php Plugin Remote Code Execution Date: 14 March 2019 Exploit Author: R3zk0n Vendor Homepage: https://www.wisdom.com.au/web/pegasus-cms Software Link: N/A Version: 1.0 Tested on: Linux CVE : N/A The...
Pegasus CMS 1.0 - 'extra_fields.php' Plugin Remote Code Execution
Exploit Title: Pegasus extrafields.php Plugin Remote Code Execution Date: 14 March 2019 Exploit Author: R3zk0n Vendor Homepage: https://www.wisdom.com.au/web/pegasus-cms Software Link: N/A Version: 1.0 Tested on: Linux CVE : N/A The Pegasus CMS is vulnerable to directory travaseral and Remote cod...
Pegasus CMS 1.0 - (extra_fields.php) Plugin Remote Code Execution Exploit
Exploit for php platform in category web applications Exploit Title: Pegasus extrafields.php Plugin Remote Code Execution Date: 14 March 2019 Exploit Author: R3zk0n Vendor Homepage: https://www.wisdom.com.au/web/pegasus-cms Software Link: N/A Version: 1.0 Tested on: Linux CVE : N/A The Pegasus CM...
Pegasus CMS 1.0 Remote Code Execution
Exploit Title: Pegasus extrafields.php Plugin Remote Code Execution Date: 14 March 2019 Exploit Author: R3zk0n Vendor Homepage: https://www.wisdom.com.au/web/pegasus-cms Software Link: N/A Version: 1.0 Tested on: Linux CVE : N/A The Pegasus CMS is vulnerable to directory travaseral and Remote cod...