950 matches found

Vulnrichment
added 2022/05/24 12:00 a.m., 3 views

CVE-2022-29221 PHP Code Injection by malicious block or filename in Smarty

Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors shou...

CVSS 8.8, AI score 8.7, EPSS 0.25501
Exploits 1, References 9
Friends Of PHP
added 2022/05/17 12:59 p.m., 27 views

PHP Code Injection by malicious block or filename

Impact Template authors could inject php code by choosing a malicious block name or include file name. Sites that cannot fully trust template authors should update asap. Patches Please upgrade to the most recent version of Smarty v3 or v4. Workarounds Is there a way for users to fix or remediate t...

CVSS 8.8, AI score 8.5, EPSS 0.25501
Exploits 1, Affected Software 1
OSV
added 2022/05/17 3:34 a.m., 18 views

GHSA-5C58-W9XC-QCJ9 Symfony Vulnerable to PHP Eval Injection

Applications with ESI support and SSI support (as of Symfony 2.6) enabled and using the Symfony built-in reverse proxy (the Symfony\Component\HttpKernel\HttpCache class) are vulnerable to PHP code injection; a malicious user can inject PHP code that will be executed by the server. HttpCache uses eval...

CVSS 6.8, AI score 6.2, EPSS 0.00543
Exploits 0, References 10
Github Security Blog
added 2022/05/17 1:36 a.m., 18 views

Symfony Vulnerable to PHP Code Injection via YAML Parsing

The Yaml::parse function in Symfony 2.0.x before 2.0.22 allows remote attackers to execute arbitrary PHP code via a PHP file, a different vulnerability than CVE-2013-1397...

CVSS 7.5, AI score 7.6, EPSS 0.00619
Exploits 0, References 8, Affected Software 2
Github Security Blog
added 2022/05/14 3:14 a.m., 23 views

phpMyAdmin PHP code injection

An issue was discovered in phpMyAdmin. A specially crafted database name could be used to run arbitrary PHP commands through the array export feature. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

CVSS 8.8, AI score 7.4, EPSS 0.00411
Exploits 0, References 6, Affected Software 1
OSV
added 2022/05/13 1:20 a.m., 9 views

GHSA-R342-VJC4-WRMJ Craft CMS PHP Code Injection Vulnerability

Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets-Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension...

CVSS 8.8, AI score 9.1, EPSS 0.00698
Exploits 1, References 4
OpenVAS
added 2022/01/28 12:00 a.m., 8 views

Mageia: Security Advisory (MGASA-2017-0141)

The remote host is missing an update for the...

AI score 7.5
Exploits 0, References 4
OpenVAS
added 2022/01/28 12:00 a.m., 19 views

Mageia: Security Advisory (MGASA-2018-0118)

The remote host is missing an update for the...

CVSS 9.8, AI score 9.6, EPSS 0.00636
Exploits 0, References 3
Patchstack
added 2021/10/11 12:00 a.m., 13 views

WordPress Loco Translate plugin <= 2.5.3 - Authenticated PHP Code Injection vulnerability

Authenticated PHP Code Injection vulnerability discovered by Tomi Ashari in WordPress Loco Translate plugin versions <= 2.5.3. Solution Update the WordPress Loco Translate plugin to the latest available version (at least 2.5.4)...

CVSS 6.5, AI score 2.7, EPSS 0.00497
Exploits 2, References 3, Affected Software 1
wpexploit
added 2021/10/11 12:00 a.m., 1084 views

Loco Translate < 2.5.4 - Authenticated PHP Code Injection

The plugin mishandles data inputs which get saved to a file, which can be renamed to an extension ending in .php, resulting in authenticated "translator" users being able to inject PHP code into files ending with .php in web accessible locations. 1. Using a User with the translator role, navigate...

CVSS 6.5, AI score 0.1, EPSS 0.00497
Exploits 2
Prion
added 2021/06/15 8:15 p.m., 8 views

Code injection

LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname...

CVSS 6.5, AI score 8.7, EPSS 0.00669
Exploits 1, References 1, Affected Software 1
NVD
added 2021/06/01 6:15 p.m., 11 views

CVE-2021-32924

Invision Community aka IPS Community Suite before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\builder::previewBlock method interacts unsafely with the IPS\Theme::runProcessFunction method...

CVSS 8.8, EPSS 0.04291
Exploits 3, References 5
Cvelist
added 2021/06/01 5:47 p.m., 17 views

CVE-2021-32924

Invision Community aka IPS Community Suite before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\builder::previewBlock method interacts unsafely with the IPS\Theme::runProcessFunction method...

AI score 9.1, EPSS 0.04291
Exploits 3, References 5
CVE
added 2021/06/01 5:47 p.m., 85 views

CVE-2021-32924

Invision Community (IPS Community Suite) before 4.6.0 is vulnerable to an eval-based PHP code injection via the moderator-accessible previewBlock path in IPS\cms\modules\front\pages\builder::previewBlock, which interacts unsafely with IPS\Theme::runProcessFunction. Root cause: unsafe handling ena...

CVSS 8.8, AI score 8.9, EPSS 0.04291
Exploits 3, References 5, Affected Software 1
Packet Storm
added 2021/05/31 12:00 a.m., 181 views

IPS Community Suite 4.5.4.2 PHP Code Injection

IPS Community Suite <= 4.5.4.2 previewBlock PHP Code Injection Vulnerability - Software Link: https://invisioncommunity.com - Affected...

AI score 0.1, EPSS 0.04291
Exploits 3
Packet Storm
added 2021/04/23 12:00 a.m., 377 views

GetSimple CMS My SMTP Contact 1.1.1 CSRF/ XSS / Code Execution

Exploit Title: GetSimple CMS My SMTP Contact Plugin <= v1.1.1 - CSRF to Stored XSS to RCE Exploit. Author: Bobby Cooke (boku). Date: April 22nd, 2021. Vendor Homepage: http://get-simple.info & Software Link: http://get-simple.info/download/. Version: Exploit <= v1.1.1 | Stored XSS <= v1.1.2. Tested against...

AI score 0.2
Exploits 0
0day.today
added 2021/04/23 12:00 a.m., 50 views

GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE Exploit

Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.2 - CSRF to Stored XSS to RCE Exploit. Author: Bobby Cooke (boku). Vendor Homepage: http://get-simple.info & Software Link: http://get-simple.info/download/. Version: Exploit <= v1.1.1 | Stored XSS <= v1.1.2. Tested against Server Host: Windows 10 P...

AI score 7.4
Exploits 0
0day.today
added 2021/04/16 12:00 a.m., 44 views

GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to Remote Code Execution Exploit

Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE Exploit. Author: Bobby Cooke (boku). Vendor Homepage: http://get-simple.info. Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221. Vendor: NetExplorer. Version: <= v1.1.1...

Exploits 0
Packet Storm
added 2021/04/16 12:00 a.m., 553 views

GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution

Exploit Title: GetSimple CMS My SMTP Contact Plugin <= v1.1.1 - CSRF to RCE Exploit. Author: Bobby Cooke (boku). Date: April 15th, 2021. Vendor Homepage: http://get-simple.info. Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221. Vendor:...

Exploits 0
Exploit DB
added 2021/04/16 12:00 a.m., 471 views

GetSimple CMS My SMTP Contact Plugin 1.1.1 - Cross-Site Request Forgery

Exploit Title: GetSimple CMS My SMTP Contact Plugin 1.1.1 - CSRF to RCE Exploit. Author: Bobby Cooke (boku). Date: 15/04/2021. Vendor Homepage: http://get-simple.info. Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221. Vendor: NetExplorer...

AI score 7
Exploits 0