1985 matches found
CVE-2021-40845
The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory...
Design/Logic Flaw
Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)
Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated) Date: 20-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...
Online Traffic Offense Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit
Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated) Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...
CVE-2021-21804
A local file inclusion (LFI) vulnerability exists in the options.php script of Advantech R-SeeNet v2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution; an attacker triggers the vulnerability simply by sending that request...
CVE-2021-21804
Advantech R-SeeNet v2.4.12 contains a local file inclusion (LFI) in options.php where unsanitized user input ($sub_opt) is passed to include, enabling arbitrary PHP code execution. The TALOS writeup confirms an exploitable path via crafted HTTP requests (example uses php://filter to read config.i...
Advantech R-SeeNet File Inclusion Vulnerability
Advantech R-SeeNet is industrial network monitoring software from Advantech (Taiwan). It uses SNMP to monitor the managed platforms and runs on Linux and Windows. R-SeeNet suffers from a file inclusion vulnerability, which stems from the failure ...
Advantech R-SeeNet options.php local file inclusion (LFI) vulnerability
Summary: A local file inclusion (LFI) vulnerability exists in the options.php script of Advantech R-SeeNet v2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution; an attacker triggers the vulnerability simply by sending that request. Tested...
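An added illustration of the include pattern the R-SeeNet entries above describe (an unsanitised $sub_opt reaching include()), with a hardened shape beside it. This is example code written for this page, not R-SeeNet's own source: only the parameter name comes from the advisory, while the options/ directory, the page names in the allowlist and the file name used in the payload comment are assumptions.

```php
<?php
// Added example for the Advantech R-SeeNet entries above; not R-SeeNet code.
// Only the parameter name $sub_opt comes from the advisory. The options/
// directory, the page names and the file name in the payload are assumed.

// Vulnerable shape: the request parameter is handed to include() as-is.
// include() resolves stream wrappers, so a request such as
//   options.php?sub_opt=php://filter/convert.base64-encode/resource=config.php
// returns the base64 of a source file instead of executing it (config.php is
// an assumed name), and a path like ../../uploads/avatar.php executes any
// file the attacker managed to place on disk.
function vulnerable_options(array $get): void
{
    $sub_opt = $get['sub_opt'] ?? 'general.php';
    include $sub_opt;            // attacker-controlled path, wrappers allowed
}

// Hardened shape: the parameter selects a key in a fixed map and never
// becomes part of a path. Unknown keys are refused; no prefixing, suffixing
// or "sanitising" of the string is attempted, because each of those leaves
// some wrapper or traversal form reachable.
const OPTION_PAGES = [
    'general' => __DIR__ . '/options/general.php',
    'snmp'    => __DIR__ . '/options/snmp.php',
    'users'   => __DIR__ . '/options/users.php',
];

function resolve_option_page(string $sub_opt): ?string
{
    return OPTION_PAGES[$sub_opt] ?? null;   // exact-key lookup only
}

function hardened_options(array $get): void
{
    $page = resolve_option_page((string)($get['sub_opt'] ?? 'general'));
    if ($page === null) {
        http_response_code(400);
        echo 'unknown option page';
        return;
    }
    include $page;
}

// Self-check of the resolver against the inputs that matter (constructed):
foreach ([
    'snmp',
    'php://filter/convert.base64-encode/resource=config.php',
    '../../uploads/avatar.php',
    'snmp/../../etc/passwd',
] as $probe) {
    printf("%-58s -> %s\n", $probe, resolve_option_page($probe) ?? 'rejected');
}
```

Only the first probe resolves; the wrapper and both traversal forms are refused because the map lookup never interprets the string as a path.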
Advisory ROSA-SA-2021-1809
Software: bolt 0.7 OS: Cobalt 7.9 CVE-ID: CVE-2015-7309 CVE-Crit: HIGH CVE-DESC: The theme editor in Bolt before 2.2.5 does not check the file extension when renaming files, allowing remote authenticated users to execute arbitrary code by renaming a created file and then directly accessing it...
TOCTOU Race Condition enabling remote code execution
Impact: The whitespace normalisation used in 1.x and 2.x removes any Unicode whitespace. Under certain specific conditions this could allow a malicious user to execute code remotely. The conditions: - A user is allowed to supply the path or filename of an uploaded file. - The supplied...
CVE-2013-20002
The Elemin WordPress theme allows remote attackers to upload and execute arbitrary PHP code via the themify-ajax.php file of the bundled Themify framework before 1.2.2 (wp-content/themes/elemin/themify/themify-ajax.php)...
Unrestricted File Upload
studio-42/elfinder allows unrestricted file uploads. An attacker is able to upload PHP code in a .phar file and obtain arbitrary code execution on the host OS...
Invision Community Code Injection Vulnerability
Invision Community (formerly IP.Board) is community and forum software from Invision Power Services, Inc. in the United States. A code injection vulnerability exists in versions prior to Invision Community 4.6.0, which can be exploited by attackers to inject and execute arbitrary PHP code...
CVE-2020-13664
Removed by vendor...
Bypass of fix for CVE-2020-26231, Twig sandbox escape
Impact A bypass of CVE-2020-26231 fixed in 1.0.470/471 and 1.1.1 was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide...
CVE-2021-21264 Bypass of fix for CVE-2020-26231, Twig sandbox escape
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-26231 fixed in 1.0.470/471 and 1.1.1 was discovered that has the same impact as CVE-2020-26231 & CVE-2020-15247. An authenticated backend user with the cms.managepages,...
October CMS Security Vulnerability
October CMS is an open source content management system (CMS) based on PHP and the Laravel web application framework. October CMS contains a vulnerability arising from an incomplete fix for the previously patched issues VU48707 and VU48710. A remote authenticated...
CVE-2021-31933
A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames (e.g., .phar or .pht). A remote authenticated administrator is able to upload a file containin...
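An added example, not code from Chamilo, AlphaWeb XE or elFinder, contrasting the extension denylist that the Chamilo entry describes (bypassed with .phar or .pht) against an allowlist plus content check, the shape that would also have closed the "neither content nor extension is checked" condition in the AlphaWeb XE entry and the .phar upload in the elFinder entry. The accepted extensions and MIME types, the temporary files it writes, and the remarks on handler configuration are assumptions about a typical PHP deployment, not facts from the advisories.

```php
<?php
// Added example, not code from Chamilo, AlphaWeb XE or elFinder. The allowed
// extensions, MIME types and the remarks about handler configuration are
// assumptions about a typical PHP deployment, not facts from the advisories.

// Weak filter: a denylist of the extensions its author remembered. A server
// that maps .phar, .pht or .phtml to the PHP handler (some distribution
// defaults for mod_php and php-fpm do) executes "shell.phar" even though this
// function let it through. With AddHandler-style configuration "shell.php.jpg"
// may execute too, because any dotted segment can select the handler.
function denylist_allows(string $filename): bool
{
    $blocked = ['php', 'php3', 'php4', 'php5'];
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return !in_array($ext, $blocked, true);
}

// Stronger filter: allowlist the extension, inspect every dotted segment,
// sniff the bytes and require them to match the extension, and store the
// file under a server-generated name so nothing the client sent reaches the
// filesystem. Returns the name to store under, or null to reject.
function allowlist_accepts(string $filename, string $tmpPath): ?string
{
    $allowed = [
        'png'  => 'image/png',
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'pdf'  => 'application/pdf',
    ];
    $segments = explode('.', strtolower(basename($filename)));
    if (count($segments) < 2) {
        return null;                               // no extension at all
    }
    $ext = array_pop($segments);
    if (!isset($allowed[$ext])) {
        return null;                               // not on the allowlist
    }
    foreach ($segments as $seg) {                  // "shell.phar.png" etc.
        if (preg_match('/^ph(p\d?|tml|t|ar)$/', $seg)) {
            return null;
        }
    }
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);
    if ($mime !== $allowed[$ext]) {
        return null;                               // body disagrees with name
    }
    return bin2hex(random_bytes(16)) . '.' . $ext;
}

// Self-check with constructed inputs. The denylist passes the .phar/.pht
// names from the Chamilo entry; the allowlist rejects them, and also rejects
// a PHP body hidden behind an allowed extension.
foreach (['shell.phar', 'shell.pht', 'shell.phtml', 'shell.php.jpg', 'photo.jpg'] as $name) {
    printf("denylist  %-14s -> %s\n", $name, denylist_allows($name) ? 'ALLOWED' : 'blocked');
}
$pdf = tempnam(sys_get_temp_dir(), 'up');          // constructed: a PDF header
file_put_contents($pdf, "%PDF-1.4\n%\xE2\xE3\xCF\xD3\n1 0 obj<<>>endobj\n");
$php = tempnam(sys_get_temp_dir(), 'up');          // constructed: PHP code named .pdf
file_put_contents($php, "<?php echo 'x'; ?>\n");
printf("allowlist report.pdf (PDF body) -> %s\n", allowlist_accepts('report.pdf', $pdf) ?? 'rejected');
printf("allowlist report.pdf (PHP body) -> %s\n", allowlist_accepts('report.pdf', $php) ?? 'rejected');
printf("allowlist shell.phar            -> %s\n", allowlist_accepts('shell.phar', $php) ?? 'rejected');
unlink($pdf);
unlink($php);
```

The content check relies on libmagic via the fileinfo extension; it closes the "rename or mislabel a script" path but not a polyglot that is simultaneously a valid image and valid PHP, which is why the server-generated name and a non-executing upload directory (no handler mapped, or a separate host) remain necessary alongside it.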