
1986 matches found

NVD
added 2021/04/30 9:15 p.m. | 12 views

CVE-2021-31933

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...

CVSS 7.2 | EPSS 0.14473
Exploits: 4 | References: 4
Prion
added 2021/04/30 9:15 p.m. | 10 views

Remote code execution

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...

CVSS 6.5 | AI score 7.4 | EPSS 0.14473
Exploits: 4 | References: 4 | Affected Software: 1
Cvelist
added 2021/04/30 8:49 p.m. | 12 views

CVE-2021-31933

A remote code execution vulnerability exists in Chamilo through 1.11.14 due to improper input sanitization of a parameter used for file uploads, and improper file-extension filtering for certain filenames e.g., .phar or .pht. A remote authenticated administrator is able to upload a file containin...

CVSS 7.2 | AI score 7.7 | EPSS 0.14473
Exploits: 4 | References: 4
0day.today
added 2021/04/21 12:0 a.m. | 26 views

rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution (Authenticated) Exploit (2)

Exploit Title: rconfig 3.9.6 - Arbitrary File Upload to Remote Code Execution Authenticated 2 Exploit Author: Vishwaraj Bhattrai Vendor Homepage: https://www.rconfig.com/ Software Link: https://www.rconfig.com/ Vendor: rConfig Version: = v3.9.6 Tested against Server Host: Linux+XAMPP import...

AI score 0.4
Exploits: 0
CNVD
added 2021/03/26 12:0 a.m. | 5 views

Invigo Automatic Device Management Command Injection Vulnerability

Invigo Automatic Device Management ADM is a native management tool for cellular operators that enables them to detect, maintain and manage millions of devices cost-effectively and with a high degree of reliability. A command injection vulnerability exists in /admin/broadcast.php in Invigo Automat...

CVSS 8.8 | AI score 8 | EPSS 0.10984
Exploits: 1 | References: 1
OSV
added 2021/03/25 8:15 p.m. | 1 views

CVE-2020-10580

A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management ADM through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the user running the application...

CVSS 8.8 | AI score 7.7
Exploits: 0 | References: 2
OpenVAS
added 2021/01/29 12:0 a.m. | 15 views

Moodle < 3.5.16, 3.8.x < 3.8.7, 3.9.x < 3.9.4, 3.10.x < 3.10.1 Multiple Vulnerabilities

Moodle is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 7.2 | AI score 5.7 | EPSS 0.00679
Exploits: 0 | References: 3
Packet Storm
added 2021/01/08 12:0 a.m. | 362 views

Cockpit CMS Remote Code Execution

Cockpit CMS 0.6.1 - Remote Code Execution Product: Cockpit CMS https://getcockpit.com Version: Cockpit CMS = 0.6.1...

AI score 0.1
Exploits: 0
CNVD
added 2020/12/03 12:0 a.m. | 9 views

74CMS PHP Remote File Inclusion Vulnerability

Knight CMS 74cms is a free website management system based on PHP+MYSQL, providing perfect talent recruitment website construction program. There is a PHP remote file inclusion vulnerability in the assignresumetpl method in Application/Common/Controller/BaseController.class.php in versions prior ...

CVSS 9.8 | AI score 7.7 | EPSS 0.62162
Exploits: 1 | References: 1
Drupal
added 2020/11/25 12:0 a.m. | 164 views

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-013

The Drupal project uses the PEAR ArchiveTar library. The PEAR ArchiveTar library has released a security update that impacts Drupal. For more information please see: CVE-2020-28948 CVE-2020-28949 Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz...

CVSS 7.8 | AI score 1.5 | EPSS 0.93364
Exploits: 5 | References: 15
CNVD
added 2020/11/17 12:0 a.m. | 20 views

HorizontCMS File Upload Vulnerability

HorizontCMS is an open source, responsive content management system CMS built on Laravel 6, VueJs 2.6 and Bootstrap 3.4. HorizontCMS 1.0.0-beta is vulnerable to unrestricted file uploads. An attacker can exploit this vulnerability to upload PHP code via zip file and execute PHP files via HTTP GET...

CVSS 9 | AI score 1.4 | EPSS 0.02255
Exploits: 1 | References: 1
CNVD
added 2020/11/16 12:0 a.m. | 2 views

CMSuno Code Injection Vulnerability (CNVD-2020-63993)

CMSUno is an easy and handy tool for creating one-page responsive websites. A code injection vulnerability exists in CMSuno 1.6.2. This vulnerability can be exploited to inject malicious code into the "lang" parameter of /uno/central.php and run this PHP code in a web page to take over control of...

CVSS 8.8 | AI score 7.6 | EPSS 0.04758
Exploits: 3 | References: 1
Positive Technologies
added 2020/11/05 12:0 a.m. | 2 views

PT-2020-16680 · Horizontcms · Horizontcms

Name of the Vulnerable Software and Affected Versions: HorizontCMS versions prior to 1.0.0-beta patched, but version number remains the same Description: The issue allows an authenticated remote attacker with access to the FileManager to upload and execute arbitrary PHP code. This is achieved by...

CVSS 8.8 | AI score 8.6 | EPSS 0.70322
Exploits: 4 | References: 11
OSV
added 2020/10/02 1:15 p.m. | 9 views

CVE-2020-18185

class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modifying the configuration file in a Linux environment...

CVSS 9.8 | AI score 7.6
Exploits: 0 | References: 1
Debian CVE
added 2020/10/02 12:50 p.m. | 24 views

CVE-2020-18185

Removed by vendor...

CVSS 9.8 | AI score 9.4 | EPSS 0.00475
Exploits: 1
CVE
added 2020/10/02 12:50 p.m. | 38 views

CVE-2020-18185

Affected software : PluXml 5.7. Vulnerability component : class.plx.admin.php. Root cause / impact : Allows attackers to execute arbitrary PHP code by modifying the configuration file in a Linux environment, enabling code execution with the stated impact to confidentiality, integrity, and availab...

CVSS 9.8 | AI score 9.7 | EPSS 0.00475
Exploits: 1 | References: 1 | Affected Software: 1
Exploit DB
added 2020/09/21 12:0 a.m. | 291 views

B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution Date: 2020-08-27 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: = 3.6.5 CVE : N/A !/usr/bin/env python3 -- coding: utf-8 -- B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code...

AI score 7.4
Exploits: 0
CVE
added 2020/09/19 8:31 p.m. | 72 views

CVE-2020-25790

Summary: CVE-2020-25790 affects Typesetter CMS 5.x through 5.1. A ZIP upload feature allows an admin to place a PHP file inside the archive and, after extraction, execute the code, leading to arbitrary code execution. Root cause: uploaded ZIP contents can be executed via the web interface, confli...

CVSS 7.2 | AI score 7.3 | EPSS 0.42219
Exploits: 3 | References: 4 | Affected Software: 1
Zero Science Lab
added 2020/09/19 12:0 a.m. | 192 views

B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code Execution

Summary Intelligent digital signage made easy. To go beyond the possibilities offered, b-swiss allows you to create the communication solution for your specific needs and your graphic charter. You benefit from our experience and know-how in the realization of your digital signage project...

AI score 6.2
Exploits: 0
Positive Technologies
added 2020/09/19 12:0 a.m. | 3 views

PT-2020-16210 · Typesetter · Typesetter Cms

Name of the Vulnerable Software and Affected Versions: Typesetter CMS versions 5.x through 5.1 Description: The issue allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. This behavior contradicts the security policy, and the vendor is fixing it for version...

CVSS 7.2 | AI score 8.1 | EPSS 0.42219
Exploits: 3 | References: 12