CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

SeedDMS Arbitrary File Upload Vulnerability

SeedDMS formerly known as LetoDMS and MyDMS is SeedDMS enthusiasts jointly developed a set of PHP and MySql-based open source document management system . The system is mainly used to store and share documents. An arbitrary file upload vulnerability exists in the 'op/op.UploadChunks.php' file in...

CVE-2018-12940

Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an authenticated attacker to...

CVE-2018-12940

Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an authenticated attacker to...

CVE-2018-12940

Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an authenticated attacker to...

CVE-2018-14399

libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php.jpg URI in the SRC attribute of an IMG element within infocontent JSON data to the index.php?m=member&c=index&a=register URI...

CVE-2018-14399

PHPCMS 9.6.0 is affected. The flaw exists in libs\classes\attachment.class.php and allows remote attackers to upload and execute arbitrary PHP code by sending a crafted .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content] JSON data directed to index.php?m=member&c=index&...

JVN#62423700: Movable Type plugin MTAppjQuery vulnerable to PHP code execution

MTAppjQuery provided by bit part LLC is a plugin for Movable Type. An older version PHP library Uploadify is incorporated in MTAppjQuery v1.8.1 and earlier versions and the older versions of Uploadify contains unrestricted upload of arbitrary file CWE-434, which may lead to arbitrary PHP code...

CVE-2016-9483

The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the phpfmgfilmandownload function. A remote unauthenticated attacker may be able to use this vulnerability to inject PHP code, or along with CVE-2016-9484 to perform local file inclusion attacks and obta...

Cross site scripting

The code generated by PHP FormMail Generator prior to 17 December 2016 is vulnerable to stored cross-site scripting. In the generated form.lib.php file, upload file types are checked against a hard-coded list of dangerous extensions. This list does not include all variations of PHP files, which m...

CVE-2016-9483 PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to unsafe deserialization of untrusted data

The PHP form code generated by PHP FormMail Generator deserializes untrusted input as part of the phpfmgfilmandownload function. A remote unauthenticated attacker may be able to use this vulnerability to inject PHP code, or along with CVE-2016-9484 to perform local file inclusion attacks and obta...

Metinfo Remote Code Execution Vulnerability

MetInfo is a content management system CMS developed using PHP and Mysql by China Mito Information Technology Ltd. A security vulnerability exists in Metinfo version 6.0.0. A remote attacker can exploit the vulnerability by sending the 'module' parameter to the admin/column/save.php file to write...

Dolibarr ERP/CRM < 7.0.3 - PHP Code Injection

Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Date: 06/29/2018 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3 Tested on: Unix, Windows Technical Details...

Dolibarr ERPCRM 7.0.3 - PHP Code Injection

Dolibarr ERPCRM 7.0.3 - PHP Code Injection Exploit Title: Unauthenticated Remote Code Evaluation in Dolibarr ERP CRM =7.0.3 Date: 06/29/2018 Exploit Author: om3rcitak - https://omercitak.com Vendor Homepage: https://dolibarr.org Software Link: https://github.com/Dolibarr/dolibarr Version: =7.0.3...

OneFileCMS Arbitrary PHP Code Execution Vulnerability

OneFileCMS is a lightweight CMS system. The system runs on PHP and JavaScript and includes features such as document editing, file uploading and file management. A security vulnerability exists in the onefilecms.php file in OneFileCMS version 2012-04-14 and earlier. The vulnerability can be...

Unrestricted file upload

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type...

CVE-2018-13038

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type...

CVE-2018-13038

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type...

CVE-2018-13038

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type...

Privilege escalation

An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI...