
1986 matches found

OSV
added 2020/09/17 5:15 p.m., 1 view

CVE-2020-11803

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval function. The user has to be authenticated...

CVSS 8.8, AI score 7.3
Exploits: 0, References: 5

Tenable Nessus
added 2020/09/14 12:0 a.m., 9 views

Fedora 32 : drupal8 (2020-a064e7dd38)

https://www.drupal.org/project/drupal/releases/8.9.5 - https://www.drupal.org/project/drupal/releases/8.9.4 - https://www.drupal.org/project/drupal/releases/8.9.3 - https://www.drupal.org/project/drupal/releases/8.9.2 - https://www.drupal.org/project/drupal/releases/8.9.1 - Drupal core - Critical...

AI score 6.2
Exploits: 0, References: 2

OSV
added 2020/09/09 4:15 p.m., 2 views

CVE-2020-25213

The File Manager wp-file-manager plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload or mkfile and p...

CVSS 9.8, AI score 7.8, EPSS 0.94411
Exploits: 13, References: 10

0day.today
added 2020/07/07 12:0 a.m., 254 views

openSIS 7.4 Unauthenticated PHP Code Execution Exploit

This Metasploit module exploits multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The exploit chain abuses an incorrect access control issue which allows access to...

CVSS 9.8, AI score 9.1, EPSS 0.58623
Exploits: 12

Packet Storm
added 2020/07/06 12:0 a.m., 173 views

openSIS 7.4 Unauthenticated PHP Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'openSIS Unauthenticated PHP Code Execution', 'Description' = %q This module exploits multiple vulnerabilities in openSIS 7.4 and prior versions...

CVSS 7.5, AI score 0.7, EPSS 0.58623
Exploits: 12

Metasploit
added 2020/06/30 1:35 p.m., 39 views

openSIS Unauthenticated PHP Code Execution

This module exploits multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The exploit chain abuses an incorrect access control issue which allows access to scripts which...

CVSS 9.8, AI score 9.1, EPSS 0.58623
Exploits: 12

Tenable Nessus
added 2020/06/26 12:0 a.m., 38 views

Drupal 8.8.x < 8.8.8 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multiple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...

CVSS 9.8, AI score 9.7, EPSS 0.01962
Exploits: 0, References: 7

Tenable Nessus
added 2020/06/26 12:0 a.m., 40 views

Drupal 7.x < 7.72 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multiple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...

CVSS 9.8, AI score 9.7, EPSS 0.01962
Exploits: 0, References: 7

Tenable Nessus
added 2020/06/26 12:0 a.m., 31 views

Drupal 9.0.x < 9.0.1 Multiple Vulnerabilities

According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multiple vulnerabilities : - A Cross-Site Request Forgery CSRF due to...

CVSS 9.8, AI score 9.7, EPSS 0.01962
Exploits: 0, References: 7

OpenVAS
added 2020/06/19 12:0 a.m., 28 views

Drupal 8.x, 9.x Multiple Vulnerabilities (SA-CORE-2020-005, SA-CORE-2020-006) - Linux

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

CVSS 9.8, AI score 9.3, EPSS 0.01962
Exploits: 0, References: 2

OpenVAS
added 2020/06/19 12:0 a.m., 24 views

Drupal 8.x, 9.x Multiple Vulnerabilities (SA-CORE-2020-005, SA-CORE-2020-006) - Windows

Drupal is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:drupal:drupal"; ifdescription...

CVSS 9.8, AI score 9.3, EPSS 0.01962
Exploits: 0, References: 2

Exploit DB
added 2020/06/04 12:0 a.m., 242 views

Navigate CMS 2.8.7 - Authenticated Directory Traversal

Exploit Title: Navigate CMS 2.8.7 - Authenticated Directory Traversal Date: 2020-06-04 Exploit Author: Gus Ralph Vendor Homepage: https://www.navigatecms.com/en/home Software Link: https://sourceforge.net/projects/navigatecms/files/releases/navigate-2.8.7r1401.zip/download Version: 2.8.7 Tested o...

CVSS 5.3, AI score 5.4, EPSS 0.00322
Exploits: 3

Packet Storm
added 2020/05/27 12:0 a.m., 250 views

OXID eShop 6.3.4 SQL Injection

Exploit Title: OXID eShop 6.3.4 - 'sorting' SQL Injection Date: 2019-07-29 Exploit Author: VulnSpy Vendor Homepage: https://www.oxid-esales.com/ Software Link: https://github.com/OXID-eSales/oxideshopce Version: Versions 6.x prior to 6.3.4 Tested on:...

AI score 0.2
Exploits: 0

0day.today
added 2020/05/27 12:0 a.m., 81 views

OXID eShop 6.3.4 - (sorting) SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: OXID eShop 6.3.4 - 'sorting' SQL Injection Exploit Author: VulnSpy Vendor Homepage: https://www.oxid-esales.com/ Software Link: https://github.com/OXID-eSales/oxideshopce Version: Versions 6.x prior to 6.3.4 Tested on:...

AI score 7.1
Exploits: 0

Exploit DB
added 2020/05/27 12:0 a.m., 453 views

OXID eShop 6.3.4 - 'sorting' SQL Injection

Exploit Title: OXID eShop 6.3.4 - 'sorting' SQL Injection Date: 2019-07-29 Exploit Author: VulnSpy Vendor Homepage: https://www.oxid-esales.com/ Software Link: https://github.com/OXID-eSales/oxideshopce Version: Versions 6.x prior to 6.3.4 Tested on:...

AI score 7.4
Exploits: 0

CNVD
added 2020/05/20 12:0 a.m., 6 views

Sourcefabric Newscoop Code Issue Vulnerability

Sourcefabric Newscoop is a content management system. A code issue vulnerability exists in Sourcefabric Newscoop version 4.4.7. An attacker can exploit this vulnerability to execute arbitrary PHP code on the server...

CVSS 7.8, AI score 7.5, EPSS 0.0007
Exploits: 1, References: 1

CNVD
added 2020/05/08 12:0 a.m., 2 views

Unspecified Vulnerability in Blaauw Remote Kiln Control (CNVD-2020-28489)

The Blaauw Remote Kiln Control is an automated ceramic kiln controller from Blaauw in the Netherlands. An unspecified vulnerability exists in Blaauw Remote Kiln Control. The vulnerability can be exploited to execute arbitrary PHP code via /default.php?idx=17...

CVSS 9.8, AI score 7.8, EPSS 0.00433
Exploits: 1, References: 1

CVE
added 2020/05/07 1:7 p.m., 38 views

CVE-2019-18869

CVE-2019-18869 affects Blaauw Remote Kiln Control (v3.00r4); leftover debug code in default.php?idx=17 allows arbitrary PHP code execution. Root cause: debug artifacts accessible via web interface, enabling full control over the PHP process. Public descriptions across Red Hat/EUVD/CNVD/NVD family...

CVSS 9.8, AI score 9.6, EPSS 0.00433
Exploits: 1, References: 1, Affected Software: 1

Hacker One
added 2020/04/20 10:15 a.m., 143 views

Mail.ru: Unrestricted file upload on [ambassador.mail.ru]

PHP code execution was possible via file upload functionality in ambassador.mail.ru An attacker was able to execute arbitrary PHP code on the server through the image uploading functionality. The vulnerability was quickly fixed by the Mail.ru team...

AI score 4.5
Exploits: 0

EUVD
added 2020/04/03 6:36 p.m., 2 views

EUVD-2020-29487

An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file containing PHP code to execute operating system...

CVSS 8.8, AI score 8.8, EPSS 0.16006
Exploits: 3, References: 4