7206 matches found

UbuntuCve
added 2019/05/24 6:29 p.m. | 20 views

CVE-2016-10752

serendipitymoveMediaDirectory in Serendipity 2.0.3 allows remote attackers to upload and execute arbitrary PHP code because it mishandles an extensionless filename during a rename, as demonstrated by "php" as a filename...

9.8 CVSS | 7.5 AI score | 0.00748 EPSS
Exploits: 0 | References: 3

CVE
added 2019/05/24 5:40 p.m. | 55 views

CVE-2016-10751

osClass 3.6.1 contains a Directory Traversal in oc-admin/plugins.php via the plugin parameter, enabling remote PHP code execution by uploading a PHP-containing image through index.php?page=ajax&action=ajax_upload. Exploitation details are described in multiple sources; the root cause is improper ...

7.2 CVSS | 7.3 AI score | 0.00831 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2019/05/24 5:40 p.m. | 18 views

CVE-2016-10751

osClass 3.6.1 allows oc-admin/plugins.php Directory Traversal via the plugin parameter. This is exploitable for remote PHP code execution because an administrator can upload an image that contains PHP code in the EXIF data via index.php?page=ajax&action=ajax_upload...

7.4 AI score | 0.00831 EPSS
Exploits: 0 | References: 2

Prion
added 2019/05/22 6:29 p.m. | 24 views

Design/Logic Flaw

The database backup feature in upload/source/admincp/admincpdb.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code...

9 CVSS | 8.9 AI score | 0.57226 EPSS
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2019/05/22 6:29 p.m. | 2 views

CVE-2018-14729

The database backup feature in upload/source/admincp/admincpdb.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code...

8.8 CVSS | 6 AI score | 0.57226 EPSS
Exploits: 1 | References: 4

OpenVAS
added 2019/05/06 12:0 a.m. | 398 views

Moodle <= 3.6.3 File Upload Vulnerability

Moodle is prone to a file upload vulnerability. This VT has been deprecated since this CVE has been withdrawn since further investigation showed that it was not a security issue.

9.3 AI score
Exploits: 3 | References: 3

NVD
added 2019/04/27 2:29 p.m. | 10 views

CVE-2019-11568

An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...

8.8 CVSS | 8.8 AI score | 0.00397 EPSS
Exploits: 1 | References: 1

Prion
added 2019/04/27 2:29 p.m. | 10 views

Unrestricted file upload

An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...

6.8 CVSS | 8.7 AI score | 0.00397 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2019/04/27 1:58 p.m. | 13 views

CVE-2019-11568

An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...

8.8 AI score | 0.00397 EPSS
Exploits: 1 | References: 1

Prion
added 2019/04/22 4:29 p.m. | 12 views

Cross site request forgery (csrf)

Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code...

6.8 CVSS | 8.8 AI score | 0.00182 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2019/04/22 3:33 p.m. | 11 views

CVE-2019-11456

Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code...

8.9 AI score | 0.00182 EPSS
Exploits: 1 | References: 1

CVE
added 2019/04/22 3:33 p.m. | 46 views

CVE-2019-11456

Gila CMS 1.10.1 is affected by CVE-2019-11456. The issue is a CSRF vulnerability in fm/save that can lead to execution of arbitrary PHP code. Documented impact indicates high severity (CVSS3.0: 8.8) with network access, user interaction required, and high impact on confidentiality, integrity, and...

8.8 CVSS | 8.8 AI score | 0.00182 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2019/04/20 3:29 p.m. | 11 views

Code injection

DISPUTED SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own."...

6.5 CVSS | 7.3 AI score | 0.00955 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2019/04/20 3:29 p.m. | 8 views

CVE-2019-11376

SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own...

7.2 CVSS | 7.4 AI score | 0.00955 EPSS
Exploits: 1 | References: 2

OSV
added 2019/04/20 3:29 p.m. | 1 views

CVE-2019-11376

SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own...

7.2 CVSS | 7.4 AI score
Exploits: 0 | References: 2

Vulnrichment
added 2019/04/20 2:35 p.m. | 8 views

CVE-2019-11376

SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own...

7.9 AI score | 0.00955 EPSS
Exploits: 1 | References: 2

Kitploit
added 2019/04/20 1:12 p.m. | 136 views

Raptor WAF v0.6 - Web Application Firewall using DFA

Raptor is a web application firewall made in C that uses DFA to block SQL injection, cross-site scripting and path traversal. http://funguscodes.blogspot.com.br/
To run:
$ git clone https://github.com/CoolerVoid/raptorwaf
$ cd raptorwaf; make; bin/raptor
Note: Don't execute with "cd bin; ./raptor" us...

7.6 AI score
Exploits: 0 | References: 3

NVD
added 2019/04/04 6:29 p.m. | 7 views

CVE-2019-10863

A command injection vulnerability exists in TeemIp versions before 2.4.0. The newconfig parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server...

7.2 CVSS | 7.2 AI score | 0.11153 EPSS
Exploits: 1 | References: 3

Prion
added 2019/04/01 4:29 p.m. | 16 views

Code injection

Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit sitedomain parameter...

7.5 CVSS | 9.7 AI score | 0.00574 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2019/03/30 1:29 p.m. | 16 views

Code injection

ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source parameter because of a lack of inc/zzzfile.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if th...

7.5 CVSS | 9.6 AI score | 0.61672 EPSS
Exploits: 1 | References: 1 | Affected Software: 1