7207 matches found

Cvelist, added 2018/04/30 8:00 p.m., 22 views

CVE-2018-10574

site/index.php/admin/trees/add/ in BigTree 4.2.22 and earlier allows remote attackers to upload and execute arbitrary PHP code because the BigTreeStorage class in core/inc/bigtree/apis/storage.php does not prevent uploads of .htaccess files...

AI score 9.9, EPSS 0.00878
Exploits 1, References 2

Metasploit, added 2018/04/27 10:08 p.m., 70 views

xdebug Unauthenticated OS Command Execution

Module exploits a vulnerability in the eval command present in Xdebug versions 2.5.5 and below. This allows the attacker to execute arbitrary php code as the context of the web user. This module requires Metasploit: https://metasploit.com/download Current source:...

AI score 8.1
Exploits 0

Prion, added 2018/04/27 6:29 p.m., 17 views

Remote code execution

In CMS Made Simple CMSMS through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element...

CVSS 6.5, AI score 7.4, EPSS 0.17792
Exploits 5, References 2, Affected Software 1

NVD, added 2018/04/27 6:29 p.m., 10 views

CVE-2018-10517

In CMS Made Simple CMSMS through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element...

CVSS 7.2, AI score 7.4, EPSS 0.17792
Exploits 5, References 2

CVE, added 2018/04/27 6:00 p.m., 69 views

CVE-2018-10517

CVE-2018-10517 concerns CMS Made Simple (CMSMS) up to version 2.2.7. The vulnerability lies in the admin dashboard’s “module import” operation, where an XML Package can include a data element with base64-encoded PHP code, enabling a remote code execution when exploited by an authenticated adminis...

CVSS 7.2, AI score 7.5, EPSS 0.17792
Exploits 5, References 2, Affected Software 1

OSV, added 2018/04/26 5:29 p.m., 19 views

CVE-2018-10429

Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php...

CVSS 9.8, AI score 9.9
Exploits 0, References 1

NVD, added 2018/04/26 5:29 p.m., 19 views

CVE-2018-10429

Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php...

CVSS 9.8, AI score 9.8, EPSS 0.00486
Exploits 1, References 1

Japan Vulnerability Notes, added 2018/04/26 12:00 a.m., 44 views

JVN#95589314: Joruri Gw vulnerable to arbitrary file upload

Joruri Gw provided by SiteBridge Inc. is groupware which runs on Ruby on Rails. Joruri Gw contains a vulnerability that may allow an attacker to upload arbitrary files (CWE-434). Impact: A user may upload arbitrary files. When PHP code execution is enabled on the server, a user may execute arbitrary...

CVSS 8.8, AI score 9.1, EPSS 0.01023
Exploits 0

OSV, added 2018/04/25 9:29 a.m., 1 view

CVE-2018-10375

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archivesdo.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename...

CVSS 9.8, AI score 6, EPSS 0.00557
Exploits 0, References 1

NVD, added 2018/04/25 9:29 a.m., 14 views

CVE-2018-10375

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archivesdo.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename...

CVSS 9.8, AI score 9.7, EPSS 0.00557
Exploits 0, References 1

Prion, added 2018/04/25 9:29 a.m., 16 views

Design/Logic Flaw

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archivesdo.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename...

CVSS 7.5, AI score 9.7, EPSS 0.00557
Exploits 0, References 1, Affected Software 1

Cvelist, added 2018/04/25 9:00 a.m., 13 views

CVE-2018-10375

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archivesdo.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename...

AI score 9.8, EPSS 0.00557
Exploits 0, References 1

CVE, added 2018/04/25 9:00 a.m., 48 views

CVE-2018-10375

CVE-2018-10375 affects DedeCMS v5.7 SP2. A vulnerability in /include/helpers/upload.helper.php allows an attacker to upload a crafted file through /dede/archives_do.php?dopost=uploadLitpic with Content-Type: image/jpeg; the filename ends in .php and contains PHP code, enabling arbitrary PHP code ...

CVSS 9.8, AI score 9.6, EPSS 0.00557
Exploits 0, References 1, Affected Software 1

Prion, added 2018/04/19 6:29 p.m., 12 views

Arbitrary file deletion

POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via the diy\dayrui\controllers\admin\Syscontroller.php 'add' function because an attacker can control the value of $data['name'] with no restrictions, and this value is written to the FCPATH.$file file...

CVSS 6.5, AI score 7.4, EPSS 0.00883
Exploits 1, References 1, Affected Software 1

NVD, added 2018/04/19 6:29 p.m., 17 views

CVE-2018-10235

POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache['setting']['ucssocfg'] in diy\module\member\models\Membermodel.php and write this code into the...

CVSS 7.2, AI score 7.4, EPSS 0.00883
Exploits 1, References 1

Prion, added 2018/04/19 6:29 p.m., 14 views

Code injection

POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache['setting']['ucssocfg'] in diy\module\member\models\Membermodel.php and write this code into the...

CVSS 6.5, AI score 7.4, EPSS 0.00883
Exploits 1, References 1, Affected Software 1

Cvelist, added 2018/04/19 6:00 p.m., 17 views

CVE-2018-10235

POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache['setting']['ucssocfg'] in diy\module\member\models\Membermodel.php and write this code into the...

AI score 7.4, EPSS 0.00883
Exploits 1, References 1

Prion, added 2018/04/16 3:29 p.m., 13 views

Code injection

PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter...

CVSS 6.8, AI score 8.9, EPSS 0.00168
Exploits 1, References 1, Affected Software 1

OSV, added 2018/04/16 3:29 p.m., 1 view

CVE-2018-10132

PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter...

CVSS 8.8, AI score 5.8
Exploits 0, References 1

OSV, added 2018/04/16 3:29 p.m., 2 views

CVE-2018-10133

PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php...

CVSS 9.8, AI score 5.8, EPSS 0.00397
Exploits 1, References 1