7223 matches found

Prion
added 2019/05/22 6:29 p.m. | 26 views

Design/Logic Flaw

The database backup feature in upload/source/admincp/admincpdb.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code...

CVSS 9 | AI score 8.9 | EPSS 0.10615
Exploits: 1 | References: 4 | Affected Software: 1

OSV
added 2019/05/22 6:29 p.m. | 5 views

CVE-2018-14729

The database backup feature in upload/source/admincp/admincpdb.php in Discuz! 2.5 and 3.4 allows remote attackers to execute arbitrary PHP code...

CVSS 8.8 | AI score 6 | EPSS 0.10615
Exploits: 1 | References: 4

OpenVAS
added 2019/05/06 12:0 a.m. | 418 views

Moodle <= 3.6.3 File Upload Vulnerability

Moodle is prone to a file upload vulnerability. This VT has been deprecated since this CVE has been withdrawn since further investigation showed that it was not a security issue. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

AI score 9.3
Exploits: 3 | References: 3

NVD
added 2019/04/27 2:29 p.m. | 12 views

CVE-2019-11568

An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...

CVSS 8.8 | AI score 8.8 | EPSS 0.0139
Exploits: 1 | References: 1

Prion
added 2019/04/27 2:29 p.m. | 12 views

Unrestricted file upload

An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...

CVSS 6.8 | AI score 8.7 | EPSS 0.0139
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2019/04/27 1:58 p.m. | 15 views

CVE-2019-11568

An issue was discovered in AikCms v2.0. There is a File upload vulnerability, as demonstrated by an admin/page/system/nav.php request with PHP code in a .php file with the application/octet-stream content type...

AI score 8.8 | EPSS 0.0139
Exploits: 1 | References: 1

Prion
added 2019/04/22 4:29 p.m. | 15 views

Cross site request forgery (csrf)

Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code...

CVSS 6.8 | AI score 8.8 | EPSS 0.00887
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2019/04/22 3:33 p.m. | 18 views

CVE-2019-11456

Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code...

AI score 8.9 | EPSS 0.00887
Exploits: 1 | References: 1

CVE
added 2019/04/22 3:33 p.m. | 47 views

CVE-2019-11456

Gila CMS 1.10.1 is affected by CVE-2019-11456. The issue is a CSRF vulnerability in fm/save that can lead to execution of arbitrary PHP code. Documented impact indicates high severity (CVSS3.0: 8.8) with network access, user interaction required, and high impact on confidentiality, integrity, and...

CVSS 8.8 | AI score 8.8 | EPSS 0.00887
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2019/04/20 3:29 p.m. | 16 views

CVE-2019-11376

SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own...

CVSS 7.2 | AI score 7.4 | EPSS 0.02249
Exploits: 1 | References: 2

OSV
added 2019/04/20 3:29 p.m. | 5 views

CVE-2019-11376

SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own...

CVSS 7.2 | AI score 7.4 | EPSS 0.02249
Exploits: 1 | References: 2

Prion
added 2019/04/20 3:29 p.m. | 14 views

Code injection

DISPUTED SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own."...

CVSS 6.5 | AI score 7.3 | EPSS 0.02249
Exploits: 1 | References: 2 | Affected Software: 1

Vulnrichment
added 2019/04/20 2:35 p.m. | 9 views

CVE-2019-11376

SOY CMS v3.0.2 allows remote attackers to execute arbitrary PHP code via a <?php substring in the second text box. NOTE: the vendor indicates that there was an assumption that the content is "made editable on its own...

AI score 7.9 | EPSS 0.02249
Exploits: 1 | References: 2

Kitploit
added 2019/04/20 1:12 p.m. | 138 views

Raptor WAF v0.6 - Web Application Firewall using DFA

Raptor is a Web application firewall made in C, uses DFA to block SQL injection, Cross site scripting and path traversal. http://funguscodes.blogspot.com.br/ to run: $ git clone https://github.com/CoolerVoid/raptorwaf $ cd raptorwaf; make; bin/raptor Note: Don't execute with "cd bin; ./raptor" us...

AI score 7.6
Exploits: 0 | References: 3

NVD
added 2019/04/04 6:29 p.m. | 21 views

CVE-2019-10863

A command injection vulnerability exists in TeemIp versions before 2.4.0. The newconfig parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server...

CVSS 7.2 | AI score 7.2 | EPSS 0.13418
Exploits: 1 | References: 3

Prion
added 2019/04/01 4:29 p.m. | 18 views

Code injection

Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit sitedomain parameter...

CVSS 7.5 | AI score 9.7 | EPSS 0.02411
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2019/03/30 1:29 p.m. | 18 views

Code injection

ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source parameter because of a lack of inc/zzz_file.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if th...

CVSS 7.5 | AI score 9.6 | EPSS 0.06589
Exploits: 1 | References: 1 | Affected Software: 1

CVE
added 2019/03/30 12:30 p.m. | 62 views

CVE-2019-10647

Affected software: ZZZCMS zzzphp v1.6.3. Vulnerability: Remote code execution via a crafted URL in plugins/ueditor/php/controller.php?action=catchimage, due to lack of restrictions in inc/zzz_file.php. Example payloads can cause the server to process PHP code as text. Impact: Attacker can exec...

CVSS 9.8 | AI score 9.5 | EPSS 0.06589
Exploits: 1 | References: 1 | Affected Software: 1

Prion
added 2019/03/24 10:29 p.m. | 17 views

Design/Logic Flaw

baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BGSITENAME field in the optbase.inc.php file...

CVSS 6.5 | AI score 7.3 | EPSS 0.01875
Exploits: 0 | References: 1 | Affected Software: 1

Prion
added 2019/03/15 3:29 a.m. | 11 views

Design/Logic Flaw

Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/defaultpc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates...

CVSS 6.5 | AI score 8.9 | EPSS 0.02035
Exploits: 1 | References: 1 | Affected Software: 1