7207 matches found

Prion, added 2019/03/07 11:29 p.m., 12 views

Code injection

Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension...

CVSS 6.5 | AI score 9 | EPSS 0.01035
Exploits 1 | References 4 | Affected Software 1

Prion, added 2019/03/07 11:29 p.m., 17 views

Code injection

Monstra CMS 3.0.4 allows remote attackers to execute arbitrary PHP code via a mixed-case file extension, as demonstrated by the 123.PhP filename, because plugins\box\filesmanager\filesmanager.admin.php mishandles the forbiddentypes variable...

CVSS 6.5 | AI score 7.4 | EPSS 0.14496
Exploits 1 | References 1 | Affected Software 1

Cvelist, added 2019/03/07 10:00 p.m., 14 views

CVE-2013-7468

Simple Machines Forum SMF 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter...

AI score 8.5 | EPSS 0.00487
Exploits 1 | References 1

OSV, added 2019/03/06 12:29 a.m., 2 views

CVE-2019-9581

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...

CVSS 8.8 | AI score 7.5 | EPSS 0.14328
Exploits 4 | References 4

IBM Security Bulletins, added 2019/03/06 12:05 a.m., 23 views

Security Bulletin: IBM API Connect Developer Portal is affected by arbitrary PHP code execution vulnerability in Drupal (CVE-2019-6340)

Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-6340 DESCRIPTION: Drupal Core could allow a remote attacker to execute arbitrary PHP code on the system, caused by improper input validation in some field types. By sending a specially-crafted...

CVSS 8.1 | AI score 1.5 | EPSS 0.9441
Exploits 22 | Affected Software 1

Cvelist, added 2019/03/06 12:00 a.m., 20 views

CVE-2019-9581

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...

AI score 8.9 | EPSS 0.14328
Exploits 4 | References 4

NVD, added 2019/03/05 2:29 p.m., 8 views

CVE-2019-9572

SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of...

CVSS 7.2 | AI score 7.2 | EPSS 0.00943
Exploits 1 | References 1

OSV, added 2019/03/05 2:29 p.m., 9 views

CVE-2019-9572

SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of...

CVSS 7.2 | AI score 7.4
Exploits 0 | References 1

Prion, added 2019/03/05 2:29 p.m., 10 views

Unrestricted file upload

SchoolCMS version 2.3.1 allows file upload via the theme upload feature at admin.php?m=admin&c=theme&a=upload by using the .zip extension along with the Static substring, changing the Content-Type to application/zip, and placing PHP code after the ZIP header. This ultimately allows execution of...

CVSS 6.5 | AI score 7.2 | EPSS 0.00943
Exploits 1 | References 1 | Affected Software 1

Prion, added 2019/02/26 7:29 a.m., 12 views

Code injection

There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the filetext parameter...

CVSS 6.8 | AI score 8.8 | EPSS 0.00164
Exploits 1 | References 1 | Affected Software 1

NVD, added 2019/02/26 7:29 a.m., 17 views

CVE-2019-9182

There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the filetext parameter...

CVSS 8.8 | AI score 8.9 | EPSS 0.00164
Exploits 1 | References 3

CVE, added 2019/02/26 7:00 a.m., 41 views

CVE-2019-9182

CVE-2019-9182 affects ZZZCMS zzzphp v1.6.1. A CSRF flaw in /admin015/save.php?act=editfile enables PHP code injection by supplying a filename in the file parameter and content in the filetext parameter, leading to potential code execution on the server. Exploitation details are described in the C...

CVSS 8.8 | AI score 8.8 | EPSS 0.00164
Exploits 1 | References 3 | Affected Software 1

Cvelist, added 2019/02/26 7:00 a.m., 22 views

CVE-2019-9182

There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=editfile request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the filetext parameter...

AI score 9 | EPSS 0.00164
Exploits 1 | References 3

CNVD, added 2019/02/26 12:00 a.m., 2 views

ZZZCMS zzzphp Cross-Site Request Forgery Vulnerability

ZZZCMS zzzphp is a content management system (CMS). A cross-site request forgery vulnerability exists in ZZZCMS zzzphp version V1.6.1. A remote attacker can exploit this vulnerability to inject PHP code with the help of the 'file' and 'filetext' parameters...

CVSS 8.8 | AI score 7.2 | EPSS 0.00164
Exploits 1 | References 1

Veracode, added 2019/02/25 8:11 a.m., 34 views

PHP Code Injection

smarty-php/smarty is vulnerable to PHP code injection attacks. The vulnerability exists as the template names are unsanitized when called from fetch or display, allowing PHP code injection attacks...

CVSS 9.8 | AI score 9.5 | EPSS 0.00636
Exploits 0 | References 7 | Affected Software 1

Exploit DB, added 2019/02/25 12:00 a.m., 87 views

zzzphp CMS 1.6.1 - Remote Code Execution

Exploit Title: dynamic code evaluation of zzzphp cms 1.6.1 Google Dork: intext:"2015-2019 zzcms.com" Date: 24/02/2019 Exploit Author: Yang Chenglong Vendor Homepage: http://www.zzzcms.com/index.html Software Link: http://115.29.55.18/zzzphp.zip Version: 1.6.1 Tested on: windows/Linux,iis/apache C...

CVSS 7.2 | AI score 7.2 | EPSS 0.88162
Exploits 8

Prion, added 2019/02/23 6:29 p.m., 21 views

Code injection

An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzztemplate.php file, the parserIfLabel function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring...

CVSS 6.5 | AI score 7.1 | EPSS 0.88162
Exploits 8 | References 2 | Affected Software 1

OSV, added 2019/02/23 6:29 p.m., 2 views

CVE-2019-9041

An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzztemplate.php file, the parserIfLabel function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring...

CVSS 7.2 | AI score 7.1 | EPSS 0.88162
Exploits 8 | References 2

NVD, added 2019/02/23 6:29 p.m., 29 views

CVE-2019-9041

An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzztemplate.php file, the parserIfLabel function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring...

CVSS 7.2 | AI score 7.1 | EPSS 0.88162
Exploits 8 | References 2

Cvelist, added 2019/02/23 6:00 p.m., 41 views

CVE-2019-9041

An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzztemplate.php file, the parserIfLabel function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:assert substring...

AI score 7.2 | EPSS 0.88162
Exploits 8 | References 2