7206 matches found
TOCTOU Race Condition enabling remote code execution
Impact The whitespace normalisation using in 1.x and 2.x removes any unicode whitespace. Under certain specific conditions this could potentially allow a malicious user to execute code remotely. The conditions: - A user is allowed to supply the path or filename of an uploaded file. - The supplied...
CVE-2013-20002
Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework before 1.2.2 wp-content/themes/elemin/themify/themify-ajax.php file...
Code injection
Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework before 1.2.2 wp-content/themes/elemin/themify/themify-ajax.php file...
CVE-2020-25414
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code...
CVE-2020-25414
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code...
Remote file inclusion
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code...
CVE-2021-34128
LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname...
Code injection
LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname...
CVE-2021-34128
LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname...
Unrestricted File Upload
studio-42/elfinder allows unrestricted file uploads. An attacker is able to upload PHP code in a .phar file and obtain arbitrary code execution on the host OS...
SuiteCRM Log File Remote Code Execution Exploit
This Metasploit module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the...
Monstra CMS 3.0.4 Remote Code Execution
Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution Authenticated Date: 03.06.2021 Exploit Author: Ron Jost hacker5preme Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 20.04 CVE: CVE-2018-6383 Documentation:...
Monstra CMS 3.0.4 - Remote Code Execution (Authenticated)
Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution Authenticated Date: 03.06.2021 Exploit Author: Ron Jost hacker5preme Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 20.04 CVE: CVE-2018-6383 Documentation:...
Monstra CMS 3.0.4 - Remote Code Execution (Authenticated) Exploit
Exploit Title: Monstra CMS 3.0.4 - Remote Code Execution Authenticated Exploit Author: Ron Jost hacker5preme Vendor Homepage: https://monstra.org/ Software Link: https://monstra.org/monstra-3.0.4.zip Version: 3.0.4 Tested on: Ubuntu 20.04 CVE: CVE-2018-6383 Documentation:...
SuiteCRM Log File Remote Code Execution
This module exploits an input validation error on the log file extension parameter. It does not properly validate upper/lower case characters. Once this occurs, the application log file will be treated as a php file. The log file can then be populated with php code by changing the username of a...
Invision Community Code Injection Vulnerability
Invision Community is a software for designing and developing mobile application UI from Invision, Inc. in the United States. A code injection vulnerability exists in versions prior to Invision Community 4.6.0, which can be exploited by attackers to inject and execute arbitrary PHP code...
CVE-2021-32924
Invision Community aka IPS Community Suite before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\builder::previewBlock method interacts unsafely with the IPS\Theme::runProcessFunction method...
CVE-2021-32924
Invision Community aka IPS Community Suite before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\builder::previewBlock method interacts unsafely with the IPS\Theme::runProcessFunction method...
CVE-2021-32924
Invision Community (IPS Community Suite) before 4.6.0 is vulnerable to an eval-based PHP code injection via the moderator-accessible previewBlock path in IPS\cms\modules\front\pages_builder::previewBlock, which interacts unsafely with IPS_Theme::runProcessFunction. Root cause: unsafe handling ena...
IPS Community Suite 4.5.4.2 PHP Code Injection
------------------------------------------------------------------------------ IPS Community Suite = 4.5.4.2 previewBlock PHP Code Injection Vulnerability ------------------------------------------------------------------------------ - Software Link: https://invisioncommunity.com - Affected...