
7206 matches found

CVE · added 2020/09/24 3:16 p.m. · 39 views

CVE-2020-12839

The CVE-2020-12839 entry applies to ismartgate PRO 1.5.9, where a privilege escalation flaw is triggered by appending PHP code to the file /cron/checkExpirationDate.php. The NVD metrics show a high to critical impact (C/H/I/A) with network attack vector and no authentication, indicating a severe ...

CVSS 9.8 · AI score 9.6 · EPSS 0.00436
Exploits: 1 · References: 2 · Affected software: 1
BDU FSTEC · added 2020/09/24 12:00 a.m. · 2 views

The vulnerability of the ajax_calls.php component of the Responsive FileManager, which allows a hacker to execute arbitrary code.

The vulnerability of the ajax_calls.php file from the Responsive FileManager library exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created JPEG image along with specially added EXIF metadata...

CVSS 10 · EPSS 0.10721
Exploits: 5 · References: 4 · Affected software: 1
WPVulnDB · added 2020/09/21 12:00 a.m. · 25 views

Drag and Drop Multiple File Upload – Contact Form 7 < 1.3.5.5 - Unauthenticated Remote Code Execution

The Drag and Drop Multiple File Upload – Contact Form 7 WordPress plugin was vulnerable to Remote Code Execution via file upload. The plugin used a blacklist of dangerous file extensions that it did not allow to be uploaded, however, the extensions .phar and .phpt were not within the blacklist,...

AI score 2.4
Exploits: 1 · References: 2 · Affected software: 1
Exploit DB · added 2020/09/21 12:00 a.m. · 292 views

B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution

Exploit Title: B-swiss 3 Digital Signage System 3.6.5 - Remote Code Execution Date: 2020-08-27 Exploit Author: LiquidWorm Vendor Homepage: https://www.b-swiss.com Version: = 3.6.5 CVE : N/A #!/usr/bin/env python3 -*- coding: utf-8 -*- B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code...

AI score 7.4
Exploits: 0
CVE · added 2020/09/19 8:31 p.m. · 80 views

CVE-2020-25790

Summary: CVE-2020-25790 affects Typesetter CMS 5.x through 5.1. A ZIP upload feature allows an admin to place a PHP file inside the archive and, after extraction, execute the code, leading to arbitrary code execution. Root cause: uploaded ZIP contents can be executed via the web interface, confli...

CVSS 7.2 · AI score 7.3 · EPSS 0.42219
Exploits: 3 · References: 4 · Affected software: 1
Cvelist · added 2020/09/19 8:31 p.m. · 12 views

CVE-2020-25790

Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being...

AI score 7.4 · EPSS 0.42219
Exploits: 3 · References: 4
Zero Science Lab · added 2020/09/19 12:00 a.m. · 192 views

B-swiss 3 Digital Signage System 3.6.5 Backdoor Remote Code Execution

Summary Intelligent digital signage made easy. To go beyond the possibilities offered, b-swiss allows you to create the communication solution for your specific needs and your graphic charter. You benefit from our experience and know-how in the realization of your digital signage project...

AI score 6.2
Exploits: 0
Positive Technologies · added 2020/09/19 12:00 a.m. · 6 views

PT-2020-16210 · Typesetter · Typesetter Cms

Name of the Vulnerable Software and Affected Versions: Typesetter CMS versions 5.x through 5.1 Description: The issue allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. This behavior contradicts the security policy, and the vendor is fixing it for version...

CVSS 7.2 · AI score 8.1 · EPSS 0.42219
Exploits: 3 · References: 12
NVD · added 2020/09/17 5:15 p.m. · 11 views

CVE-2020-11803

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval function. The user has to be authenticated...

CVSS 8.8 · EPSS 0.08723
Exploits: 3 · References: 5
OSV · added 2020/09/17 5:15 p.m. · 2 views

CVE-2020-11803

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval function. The user has to be authenticated...

CVSS 8.8 · AI score 7.3 · EPSS 0.08723
Exploits: 3 · References: 5
Prion · added 2020/09/17 5:15 p.m. · 10 views

Input validation

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval function. The user has to be authenticated...

CVSS 6.5 · AI score 8.6 · EPSS 0.08723
Exploits: 3 · References: 5 · Affected software: 1
CVE · added 2020/09/17 4:24 p.m. · 60 views

CVE-2020-11803

CVE-2020-11803 affects SpamTitan 7.07. The issue arises from improper sanitization of the jaction parameter on mailqueue.php, where user input is passed directly to PHP eval(), enabling server-side code evaluation after authentication. Exploitation details are documented in multiple connected sou...

CVSS 8.8 · AI score 8.6 · EPSS 0.08723
Exploits: 3 · References: 5 · Affected software: 1
Cvelist · added 2020/09/17 4:24 p.m. · 10 views

CVE-2020-11803

An issue was discovered in Titan SpamTitan 7.07. Improper sanitization of the parameter jaction when interacting with the page mailqueue.php could lead to PHP code evaluation server-side, because the user-provided input is passed directly to the php eval function. The user has to be authenticated...

AI score 8.8 · EPSS 0.08723
Exploits: 3 · References: 5
FreeBSD · added 2020/09/15 12:00 a.m. · 25 views

tt-rss -- multiple vulnerabilities

tt-rss project reports: The cached_url feature mishandles JavaScript inside an SVG document. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message. It does not validate all URLs before requesting them. Allows remote attackers to execute arbitrary PHP code via a...

CVSS 10 · AI score 5.9 · EPSS 0.15535
Exploits: 4 · References: 2
Tenable Nessus · added 2020/09/14 12:00 a.m. · 9 views

Fedora 32 : drupal8 (2020-a064e7dd38)

https://www.drupal.org/project/drupal/releases/8.9.5 - https://www.drupal.org/project/drupal/releases/8.9.4 - https://www.drupal.org/project/drupal/releases/8.9.3 - https://www.drupal.org/project/drupal/releases/8.9.2 - https://www.drupal.org/project/drupal/releases/8.9.1 - Drupal core - Critical...

AI score 6.2
Exploits: 0 · References: 2
NVD · added 2020/09/09 4:15 p.m. · 18 views

CVE-2020-25213

The File Manager wp-file-manager plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload or mkfile and p...

CVSS 10 · EPSS 0.94411
Exploits: 13 · References: 10
OSV · added 2020/09/09 4:15 p.m. · 3 views

CVE-2020-25213

The File Manager wp-file-manager plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload or mkfile and p...

CVSS 9.8 · AI score 7.8 · EPSS 0.94411
Exploits: 13 · References: 10
Prion · added 2020/09/09 4:15 p.m. · 30 views

Command injection

The File Manager wp-file-manager plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload or mkfile and p...

CVSS 7.5 · AI score 9.9 · EPSS 0.94411
Exploits: 13 · References: 9 · Affected software: 1
ATTACKERKB · added 2020/09/09 12:00 a.m. · 106 views

CVE-2020-25213

The File Manager wp-file-manager plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload or mkfile and p...

CVSS 10 · AI score 4.3 · EPSS 0.94411
In wild · Exploits: 13 · References: 14
Positive Technologies · added 2020/09/09 12:00 a.m. · 6 views

PT-2020-6318 · WordPress · Wp File Manager

Name of the Vulnerable Software and Affected Versions: wp-file-manager plugin versions prior to 6.9 Description: The issue allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This allows attacker...

CVSS 10 · AI score 8.3 · EPSS 0.94411
Exploits: 13 · References: 23