CVE-2018-18572

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions such as .phtml and .php5 didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote...

Code injection

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions such as .phtml and .php5 didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote...

CVE-2018-18573

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files e.g., omitting .php and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=newprodu...

CVE-2018-18572

Summary: CVE-2018-18572 affects osCommerce 2.3.4.1. An incomplete blacklist in the .htaccess on the product page allows remote authenticated administrators to upload files with the .pht extension, bypassing the filter and enabling arbitrary PHP code execution via /catalog/admin/categories.php?cPa...

CVE-2018-18572

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions such as .phtml and .php5 didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote...

Directory traversal

wp-admin/admin-ajax.php?action=newslettersexportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers11 parameter in conjunction with an exportfile=../ value...

CVE-2019-14746

A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...

CVE-2019-14746

CVE-2019-14746 affects KuaiFanCMS 5.0. The issue is an eval injection vulnerability: an attacker can place PHP code in the install.php db_name parameter and trigger it via a subsequent config.php request, enabling code execution as described. The connected documents confirm this vector and impact...

CVE-2019-14746

A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...

CVE-2016-10802

cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler SEC-142...

CVE-2019-7932

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary P...

CVE-2019-7871

A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection...

CVE-2019-7932

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary P...

Rare Steganography Hack Can Compromise Fully Patched Websites

An unusual steganographic technique that an attacker can use to implant a malicious webshell on unsuspecting websites has been spotted in Latin America. According to research from Trustwave shared exclusively with Threatpost, a forensic investigation showed that an adversary is implanting PHP cod...

CVE-2019-13956

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH40df5language=en to 4gH40df5language=en'.phpinfo.'; if the random prefix 4gH40df5 were used...

Code injection

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH40df5language=en to 4gH40df5language=en'.phpinfo.'; if the random prefix 4gH40df5 were used...

CVE-2019-13956

Discuz!ML versions 3.2–3.4 are affected by a code-injection vulnerability in the language cookie. The root cause is improper handling of the language cookie value, allowing remote attackers to inject and execute arbitrary PHP code (for example via language=en'.phpinfo().');, enabling remote code ...

ImageCache Actions - Critical - Multiple Vulnerabilities - SA-CONTRIB-2019-056

The imagecache actions module defines a number of additional image effects that can be used to create image styles. The "Image styles admin" sub module provides additional functionality to duplicate, export and import image styles. The module uses unserialize to import image styles into another...

WordPress Ad Inserter Plugin < 2.4.22 RCE Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description scriptoid"1.3.6.1.4.1.25623.1.0.112607";...

Design/Logic Flaw

/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager CWM100 before v1.03R0100BETA6 allows remote attackers to execute arbitrary PHP code via a cookie because a cookie's username field allows eval injection, and an empty password bypasses authentication...