7223 matches found
CVE-2018-0645
MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors...
CVE-2018-0645
MTAppjQuery (Movable Type plugin) v1.8.1 and earlier is vulnerable to remote PHP code execution due to inclusion of Uploadify (unrestricted file upload, CWE-434). Exploitation could allow a remote attacker to execute arbitrary PHP code on the server. Affected: MTAppjQuery 1.8.1 and earlier. Root ...
CVE-2018-0658
Input validation issue in EC-CUBE Payment Module 2.12 version 3.5.23 and earlier, EC-CUBE Payment Module 2.11 version 2.3.17 and earlier, GMO-PG Payment Module PG Multi-Payment Service 2.12 version 3.5.23 and earlier, GMO-PG Payment Module PG Multi-Payment Service 2.11 version 2.3.17 and earlier...
CVE-2018-0658
CVE-2018-0658 concerns input validation bypass in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service). Affected: EC-CUBE Payment Module (2.12) up to version 3.5.23 and earlier; EC-CUBE Payment Module (2.11) up to 2.3.17 and earlier; GMO-PG Payment Module (PG Multi-Payment ...
Guangzhou Lychee Network Co. Touchmedia News APP has file upload vulnerability
Touchdown News App is a news and information app. A file upload vulnerability exists in the Touchmedia News APP by Guangzhou Lychee Network Co. An attacker can exploit the vulnerability to upload arbitrary PHP files and execute arbitrary PHP scripts on the remote server...
CVE-2018-16604
Nibbleblog v4.0.5 is affected. The issue allows an attacker with admin credentials to execute arbitrary PHP code by exploiting the username field, which is surrounded by double quotes (e.g., "${phpinfo()}"). Root cause is improper handling of the admin username leading to code execution. Impact i...
idreamsoft iCMS Path Traversal Vulnerability
idreamsoft iCMS is an open-source content management system (CMS) based on PHP and MySQL. A path traversal vulnerability exists in admincp.php?app=config in idreamsoft iCMS version 7.0.11, which can be exploited by remote attackers to execute arbitrary PHP code contained in a ZIP file...
Code injection
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...
CVE-2018-16370
In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive...
CVE-2018-16320
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file...
CVE-2018-16320
CVE-2018-16320 affects idreamsoft iCMS 7.0.11. A directory traversal flaw in admincp.php?app=config enables arbitrary PHP code execution from a ZIP file. Root cause: path traversal in the configuration admin endpoint. Impact: arbitrary code execution; exploitation status is not provided in the do...
UltimatePOS 2.5 - Remote Code Execution
UltimatePOS 2.5 - Remote Code Execution Exploit Title: UltimatePOS 2.5 - Remote Code Execution Google Dork: intext:"UltimatePOS" Date: 2018-08-22 Exploit Author: Renos Nikolaou Vendor Homepage: http://ultimatefosters.com/ Software Link:...
Arbitrary Code Execution
phpwhois/phpwhois is vulnerable to arbitrary code execution attacks. The application unsafely uses the PHP function eval, allowing a malicious user to inject and execute arbitrary PHP code through it...
DamiCMS has an arbitrary file write vulnerability
DamiCMS is a content management system (CMS) for building websites quickly. DamiCMS v6.0.0 has an arbitrary file write vulnerability: the template editing page fails to strictly check the file name suffix, so an attacker can exploit the vulnerability to write...
Raptor WAF v0.5 - Web Application Firewall using DFA
Raptor is a web application firewall written in C that uses a DFA to block SQL injection, cross-site scripting and path traversal. To run: $ git clone https://github.com/CoolerVoid/raptorwaf $ cd raptorwaf; make; bin/raptor Note: Don't execute with "cd bin; ./raptor"; use the full path "bin/raptor". Look detail...
File (Field) Paths - Critical - Remote Code Execution - SA-CONTRIB-2018-056
This module enables you to automatically sort and rename your uploaded files using token based replacement patterns to maintain a nice clean filesystem. The module doesn't sufficiently sanitize the path while a new file is uploading, allowing a remote attacker to execute arbitrary PHP code. This...
CVE-2018-15139
Unrestricted file upload in interface/super/managesitefiles.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory...
Directory traversal
Directory traversal in portal/importtemplate.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" parameters and accessing it in the traversed...
Unrestricted file upload
Unrestricted file upload in interface/super/managesitefiles.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory...