
1984 matches found

Source: OSV
Added 2022/08/06 9:33 a.m.

GHSA-6955-67HM-VJJQ Drupal core arbitrary PHP code execution

Drupal core sanitizes filenames with dangerous extensions upon upload and strips leading and trailing dots from filenames to prevent uploading server configuration files. However, the protections for these two vulnerabilities previously did not work correctly together. As a result, if the site we...

CVSS 7.2 | AI score 7.4 | EPSS 0.02448
Exploits: 0 | References: 6
Source: Github Security Blog
Added 2022/08/06 9:33 a.m.

Drupal core arbitrary PHP code execution

Drupal core sanitizes filenames with dangerous extensions upon upload and strips leading and trailing dots from filenames to prevent uploading server configuration files. However, the protections for these two vulnerabilities previously did not work correctly together. As a result, if the site we...

CVSS 7.2 | AI score 1.2 | EPSS 0.02448
Exploits: 0 | References: 6 | Affected software: 1
Source: Drupal
Added 2022/07/20 12:00 a.m.

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2022-014

Updated 2022-07-20 19:45 UTC to indicate that this only affects Apache web servers. Drupal core sanitizes filenames with dangerous extensions upon upload (reference: SA-CORE-2020-012) and strips leading and trailing dots from filenames to prevent uploading server configuration files (reference:...

CVSS 7.2 | AI score 1 | EPSS 0.02448
Exploits: 0 | References: 15
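The three Drupal entries above describe the same root cause: two filename protections that are each correct alone (neutralise dangerous extensions; strip leading and trailing dots) but were applied once each in a fixed order, so one could undo the other's work. The following is an added illustration of that class of bug, not Drupal's code: the rule set, the `DANGEROUS_EXTENSIONS` list and the function names are constructed for the example. It shows a name that survives the naive pipeline as an executable file, and a hardened version that iterates both rules to a fixed point and then re-validates the final name rather than trusting the pipeline.

```python
"""Composing two upload-filename protections (added illustration, not Drupal's code).

Rule 1 neutralises a dangerous final extension by appending '_' ('x.php' -> 'x.php_').
Rule 2 strips leading and trailing dots so a name such as '.htaccess' cannot be created.
Applied once each, munge-then-strip, 'evil.php.' slips through: its final extension is
empty until rule 2 removes the trailing dot, and by then rule 1 has already run.
"""

# Constructed list for the example, not any project's configuration.
DANGEROUS_EXTENSIONS = {"php", "phtml", "php3", "php5", "phar", "htaccess"}


def munge_extension(name: str) -> str:
    """Rule 1: append '_' to the final extension when it is dangerous."""
    base, dot, ext = name.rpartition(".")
    if dot and ext.lower() in DANGEROUS_EXTENSIONS:
        return f"{base}.{ext}_"
    return name


def strip_dots(name: str) -> str:
    """Rule 2: drop leading/trailing dots ('.htaccess' -> 'htaccess', 'x.php.' -> 'x.php')."""
    return name.strip(".")


def sanitize_naive(name: str) -> str:
    """Each rule exactly once, munge first: 'evil.php.' comes out as 'evil.php'."""
    return strip_dots(munge_extension(name))


def is_safe(name: str) -> bool:
    """Property the stored name must have, checked independently of how it was produced."""
    if not name or name.startswith("."):
        return False
    _, dot, ext = name.rpartition(".")
    return not (dot and ext.lower() in DANGEROUS_EXTENSIONS)


def sanitize_fixpoint(name: str, max_rounds: int = 10) -> str:
    """Apply both rules until the name stops changing, then refuse anything still unsafe."""
    for _ in range(max_rounds):
        new = strip_dots(munge_extension(name))
        if new == name:
            break
        name = new
    if not is_safe(name):
        raise ValueError(f"refusing unsafe filename after sanitization: {name!r}")
    return name


if __name__ == "__main__":
    for n in ["evil.php.", ".htaccess", "shell.PHP", "report.pdf"]:
        naive = sanitize_naive(n)
        print(f"{n!r:14} naive -> {naive!r:14} safe={is_safe(naive)}  fixpoint -> {sanitize_fixpoint(n)!r}")
```

For this particular pair of rules, strip-then-munge happens to be the right order; the point is that the right order is not obvious in general, and a final `is_safe` check on the stored name is what catches the case the pipeline missed. On Apache, which is the web server the advisory scopes this to, a stored `.htaccess` or `x.php` in a web-served upload directory is what turns the bypass into code execution.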
Source: NVD
Added 2022/07/14 10:15 p.m.

CVE-2022-32409

A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request...

CVSS 9.8 | EPSS 0.66547
Exploits: 1 | References: 2
Source: OSV
Added 2022/07/14 10:15 p.m.

CVE-2022-32409

A local file inclusion (LFI) vulnerability in the component codemirror.php of Portal do Software Publico Brasileiro i3geo v7.0.5 allows attackers to execute arbitrary PHP code via a crafted HTTP request...

CVSS 9.8 | AI score 7.5 | EPSS 0.66547
Exploits: 1 | References: 2
Source: CVE
Added 2022/05/31 1:31 p.m.

CVE-2022-29725

The CVE-2022-29725 entry concerns Creatiwity wityCMS 0.6.2, where an arbitrary file upload in the image upload component enables code execution via a crafted PHP file. Documents indicate this is exploitable over the network with low complexity and no user interaction, potentially causing high-imp...

CVSS 8.8 | AI score 8.8 | EPSS 0.00782
Exploits: 1 | References: 1 | Affected software: 1
Source: Github Security Blog
Added 2022/05/24 5:06 p.m.

Magento arbitrary PHP code execution via the productData parameter

The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData...

CVSS 8.8 | AI score 7.8 | EPSS 0.02665
Exploits: 4 | References: 7 | Affected software: 1
Source: OSV
Added 2022/05/24 5:06 p.m.

GHSA-J4FQ-3FM7-WH5V Magento arbitrary PHP code execution via the productData parameter

The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData...

CVSS 8.8 | AI score 8.8 | EPSS 0.02665
Exploits: 4 | References: 7
Source: Github Security Blog
Added 2022/05/17 4:43 a.m.

TYPO3 vulnerable to remote authenticated arbitrary code execution

The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250...

CVSS 6.5 | AI score 7.5 | EPSS 0.00485
Exploits: 0 | References: 3 | Affected software: 1
Source: OSV
Added 2022/05/17 4:43 a.m.

GHSA-M76J-69C2-C3M8 TYPO3 vulnerable to remote authenticated arbitrary code execution

The File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.9 and 6.1.x before 6.1.4 allows remote authenticated editors to execute arbitrary PHP code via unspecified characters in the file extension when renaming a file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4250...

CVSS 8.7 | AI score 7.2 | EPSS 0.00485
Exploits: 0 | References: 3
Source: OSV
Added 2022/05/17 4:43 a.m.

GHSA-54JJ-PXX2-PV8H TYPO3 doesn't properly check file extensions

The (1) file upload component and (2) File Abstraction Layer (FAL) in TYPO3 6.0.x before 6.0.8 and 6.1.x before 6.1.3 do not properly check file extensions, which allow remote authenticated editors to execute arbitrary PHP code by uploading a .php file...

CVSS 8.7 | AI score 7 | EPSS 0.00391
Exploits: 0 | References: 3
Source: OSV
Added 2022/05/17 2:37 a.m.

GHSA-RV57-479X-X4QV phpMyAdmin Code Injection vulnerability

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the preg_replace /e (aka eval) modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

CVSS 9.8 | AI score 9.7 | EPSS 0.87019
Exploits: 8 | References: 8
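The phpMyAdmin entry above turns on how PHP's preg_* functions receive a pattern: as one string holding delimiter, body, delimiter and modifiers. Wrapping attacker-controlled text in a fixed delimiter lets the text close the body early and supply its own modifiers, and on PHP before 7.0 the `e` modifier made preg_replace() eval() the replacement. The following is an added illustration of that parsing step and of the fix (choose or escape the delimiter), not phpMyAdmin's code; `split_php_pattern`, `pcre_quote` and the two builders are constructed for the example, and the crafted input is made up. The splitter handles single-character delimiters only; PHP also accepts bracket pairs such as `(...)`, which this simplification leaves out.

```python
"""Delimiter handling when a PHP-style regex is built from untrusted text.

Added illustration, not phpMyAdmin's code. A PHP pattern string looks like
'/body/mods'. If user text is dropped between fixed '/' delimiters, text such
as 'x/e' becomes '/x/e/': body 'x', modifiers 'e/'. Escaping the delimiter in
the text (what preg_quote($text, '/') does) removes that possibility.
"""
from __future__ import annotations

# Characters preg_quote() escapes, plus the delimiter is handled separately.
PCRE_META = set(r".\+*?[^]$(){}=!<>|:-#")


def split_php_pattern(pattern: str) -> tuple[str, str]:
    """Return (body, modifiers): the body ends at the first unescaped repeat of the delimiter."""
    if len(pattern) < 2:
        raise ValueError("pattern too short")
    delim = pattern[0]
    i = 1
    while i < len(pattern):
        if pattern[i] == "\\":          # backslash escapes the next character, delimiter included
            i += 2
            continue
        if pattern[i] == delim:
            return pattern[1:i], pattern[i + 1:]
        i += 1
    raise ValueError("no ending delimiter found")


def has_eval_modifier(pattern: str) -> bool:
    """True when the modifier string carries 'e' (eval of the replacement on PHP < 7.0)."""
    return "e" in split_php_pattern(pattern)[1]


def pcre_quote(text: str, delim: str) -> str:
    """Mirror of preg_quote($text, $delim): backslash-escape metacharacters and the delimiter."""
    return "".join("\\" + c if (c in PCRE_META or c == delim) else c for c in text)


def build_pattern_naive(user_text: str) -> str:
    """Vulnerable: fixed '/' delimiter around text the user controls, no quoting."""
    return "/" + user_text + "/"


def build_pattern_safe(user_text: str) -> str:
    """Quote the text for the chosen delimiter so nothing in it can end the body."""
    return "/" + pcre_quote(user_text, "/") + "/"


if __name__ == "__main__":
    crafted = "x/e"   # constructed attacker input: closes the body, appends the 'e' modifier
    for builder in (build_pattern_naive, build_pattern_safe):
        p = builder(crafted)
        print(f"{builder.__name__}: {p!r} -> (body, mods)={split_php_pattern(p)} eval={has_eval_modifier(p)}")
```

Choosing a delimiter that does not occur in the text is the other common fix; quoting is preferable because it also makes the text match literally rather than as a regex. The `e` modifier no longer exists on supported PHP versions, but the delimiter-injection problem remains a way to change what a pattern matches.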
Source: OSV
Added 2022/05/17 1:13 a.m.

GHSA-2PMX-6MM6-6V72 Smarty arbitrary PHP code execution

Smarty before 3.1.21 allows remote attackers to bypass the secure mode restrictions and execute arbitrary PHP code as demonstrated by "literal" in a template...

CVSS 7.5 | AI score 7 | EPSS 0.00473
Exploits: 1 | References: 10
Source: OSV
Added 2022/05/13 1:43 a.m.

GHSA-2F6R-892P-69G5 GeniXCMS arbitrary PHP code execution

In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme...

CVSS 8.8 | AI score 8.7 | EPSS 0.00701
Exploits: 1 | References: 3
Source: Github Security Blog
Added 2022/05/13 1:43 a.m.

GeniXCMS arbitrary PHP code execution

In the Install Themes page in GeniXCMS 1.1.4, remote authenticated users can execute arbitrary PHP code via a .php file in a ZIP archive of a theme...

CVSS 8.8 | AI score 7.4 | EPSS 0.00701
Exploits: 1 | References: 3 | Affected software: 1
Source: OSV
Added 2022/05/13 1:24 a.m.

GHSA-Q263-J3Q9-G964 October CMS PHP Code Execution

October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server...

CVSS 7.2 | AI score 7.2 | EPSS 0.76231
Exploits: 1 | References: 4
Source: Github Security Blog
Added 2022/05/13 1:24 a.m.

October CMS PHP Code Execution

October CMS build 412 is vulnerable to PHP code execution in the file upload functionality resulting in site compromise and possibly other applications on the server...

CVSS 7.2 | AI score 7.7 | EPSS 0.76231
Exploits: 1 | References: 4 | Affected software: 1
Source: OSV
Added 2022/05/13 1:22 a.m.

GHSA-3GX6-H57H-RM27 Drupal Core Remote Code Execution Vulnerability

Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core...

CVSS 8.1 | AI score 8.3 | EPSS 0.9441
Exploits: 22 | References: 10
Source: Github Security Blog
Added 2022/05/13 1:19 a.m.

Elefant CMS PHP Code Execution Vulnerability

An issue was discovered in Elefant CMS before 2.0.7. There is a PHP Code Execution Vulnerability in /designer/add/stylesheet.php by using a .php extension in the New Stylesheet Name field in conjunction with <?php content, because of insufficient input validation in...

CVSS 9.8 | AI score 7.4 | EPSS 0.00573
Exploits: 1 | References: 5 | Affected software: 1
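The TYPO3 (file upload and FAL extension checks), GeniXCMS (a .php file inside a theme ZIP), October CMS (file upload) and Elefant CMS (a .php name for a new stylesheet) entries above share one root cause: a user-supplied or archive-supplied file name is not checked strictly enough, and the destination directory is served by PHP. The following is an added illustration of the checks a practitioner would apply, not the code of any of those projects: a positive allow-list over every dot-separated segment of the name (so `logo.php.png` is rejected, not only `shell.php`), rejection of hidden files and trailing dots or spaces, rejection of path traversal in archive member names, and a decision taken from the archive listing before anything is written to disk. `ALLOWED_EXTENSIONS`, the function names and the sample archive are all constructed for the example.

```python
"""Inspecting an uploaded theme archive before extraction (added illustration, not any CMS's code)."""
from __future__ import annotations

import io
import posixpath
import zipfile

# Constructed allow-list for a theme package; not any CMS's real list.
ALLOWED_EXTENSIONS = {"css", "js", "html", "png", "jpg", "svg", "woff2", "txt", "json", "min"}


def is_allowed_name(name: str) -> bool:
    """Allow-list check over the whole basename, not only the last extension."""
    base = posixpath.basename(name)
    if not base or base.startswith(".") or base != base.rstrip(". "):
        return False                      # hidden file ('.htaccess') or trailing dot/space trick
    segments = base.split(".")
    if len(segments) < 2:
        return False                      # an extension is required
    return all(seg.lower() in ALLOWED_EXTENSIONS for seg in segments[1:])


def is_safe_member_path(name: str) -> bool:
    """Reject absolute paths, backslashes, drive letters and '..' traversal in zip member names."""
    if name.startswith("/") or "\\" in name:
        return False
    parts = posixpath.normpath(name).split("/")
    if ":" in parts[0]:                   # 'C:...' on a Windows extraction target
        return False
    return parts[0] not in ("", ".", "..") and ".." not in parts


def inspect_archive(data: bytes) -> dict[str, list[str]]:
    """Classify every member as 'ok' or 'rejected' from the listing alone.

    One rejected member should abort the whole install: the theme directory is
    web-served, and PHP would execute whatever lands there.
    """
    ok: list[str] = []
    rejected: list[str] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            name = info.filename
            if not is_safe_member_path(name):
                rejected.append(name)
            elif info.is_dir() or is_allowed_name(name):
                ok.append(name)
            else:
                rejected.append(name)
    return {"ok": ok, "rejected": rejected}


def build_sample_theme() -> bytes:
    """Constructed sample archive for this example (not a real theme)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("theme/", "")
        zf.writestr("theme/style.css", "body{}")
        zf.writestr("theme/jquery.min.js", "/* ... */")
        zf.writestr("theme/shell.php", "<?php system($_GET['c']); ?>")
        zf.writestr("theme/logo.php.png", "not really a png")
        zf.writestr("theme/.htaccess", "AddType application/x-httpd-php .png")
        zf.writestr("../outside.txt", "traversal")
    return buf.getvalue()


if __name__ == "__main__":
    result = inspect_archive(build_sample_theme())
    print("ok:      ", result["ok"])
    print("rejected:", result["rejected"])
```

The same `is_allowed_name` check applies to the single-file cases (an upload form, a rename, or a "new stylesheet name" field): validate the final stored name, not the name before the application's own processing. Checking every segment is stricter than most frameworks' defaults and rejects names such as `archive.tar.gz` unless `tar` is allowed; extend the list deliberately rather than falling back to last-extension-only checks.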
Source: Github Security Blog
Added 2022/05/02 6:19 a.m.

TYPO3 PHP remote file inclusion vulnerability

PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote attackers to execute arbitrary PHP code via a URL in an input field associated with the className variable...

CVSS 6.8 | AI score 7.8 | EPSS 0.00602
Exploits: 0 | References: 5 | Affected software: 1