CVE-2020-35131

Cockpit before 0.6.1 allows an attacker to inject custom PHP code and achieve Remote Command Execution via registerCriteriaFunction in lib/MongoLite/Database.php, as demonstrated by values in JSON data to the /auth/check or /auth/requestreset URI...

PT-2021-11714 · Cockpit · Cockpit

Name of the Vulnerable Software and Affected Versions: Cockpit versions prior to 0.6.1 Description: The issue allows an attacker to inject custom PHP code and achieve Remote Command Execution via the registerCriteriaFunction in lib/MongoLite/Database.php. This can be demonstrated by sending value...

Cockpit CMS Remote Code Execution

Cockpit CMS 0.6.1 - Remote Code Execution Product: Cockpit CMS https://getcockpit.com Version: Cockpit CMS = 0.6.1...

CVE-2020-35627

Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image...

CVE-2020-35627

Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift Card Template", the function of uploading a custom image is used, changing the name of the image...

Remote Code Execution

Horde Groupware Webmail is vulnerable to remote code execution. An authenticated remote attacker could execute arbitrary PHP code via the Turba subcomponent...

74CMS PHP Remote File Inclusion Vulnerability

Knight CMS 74cms is a free website management system based on PHP+MYSQL, providing perfect talent recruitment website construction program. There is a PHP remote file inclusion vulnerability in the assignresumetpl method in Application/Common/Controller/BaseController.class.php in versions prior ...

Drupal core - Critical - Arbitrary PHP code execution - SA-CORE-2020-013

The Drupal project uses the PEAR ArchiveTar library. The PEAR ArchiveTar library has released a security update that impacts Drupal. For more information please see: CVE-2020-28948 CVE-2020-28949 Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz...

Bypass of fix for CVE-2020-15247, Twig sandbox escape

Impact A bypass of CVE-2020-15247 fixed in 1.0.469 and 1.1.0 was discovered that has the same impact as CVE-2020-15247: An authenticated backend user with the cms.managepages, cms.managelayouts, or cms.managepartials permissions who would normally not be permitted to provide PHP code to be execut...

HorizontCMS File Upload Vulnerability

HorizontCMS is an open source, responsive content management system CMS built on Laravel 6, VueJs 2.6 and Bootstrap 3.4. HorizontCMS 1.0.0-beta is vulnerable to unrestricted file uploads. An attacker can exploit this vulnerability to upload PHP code via zip file and execute PHP files via HTTP GET...

CVE-2020-28693

An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/...

CVE-2020-28693

An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/...

Unrestricted file upload

An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/...

CMSuno Code Injection Vulnerability (CNVD-2020-63993)

CMSUno is an easy and handy tool for creating one-page responsive websites. A code injection vulnerability exists in CMSuno 1.6.2. This vulnerability can be exploited to inject malicious code into the "lang" parameter of /uno/central.php and run this PHP code in a web page to take over control of...

CVE-2020-5796

Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges...

Input validation

Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges...

CVE-2020-5796

Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges...

CVE-2020-25557

In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. After that, when attacker logs in to the application, attacker's code will be run. As a result of this vulnerability, authenticated user can run command on the server...

CVE-2020-25538

An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the control of the server...

CVE-2020-25557

In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. After that, when attacker logs in to the application, attacker's code will be run. As a result of this vulnerability, authenticated user can run command on the server...