CVE-2018-15139

Unrestricted file upload in interface/super/managesitefiles.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory...

CVE-2018-15142

OpenEMR prior to 5.0.1.4 has a directory-traversal vulnerability in portal/import_template.php that allows an authenticated patient-portal user to write a PHP file via docid/content and access it in the traversed directory, resulting in arbitrary PHP code execution. Affected versions are older th...

CVE-2018-15139

Unrestricted file upload in interface/super/managesitefiles.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory. Recent...

Unrestricted file upload

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

Command injection

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

CVE-2018-14910

SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address aka ip to /admin/adminip.php aka /adm1n/adminip.php. The code is executed by visiting adm1n/adminip.php or data/admin/ip.php. This can also be exploited through CSRF...

Cross site request forgery (csrf)

SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address aka ip to /admin/adminip.php aka /adm1n/adminip.php. The code is executed by visiting adm1n/adminip.php or data/admin/ip.php. This can also be exploited through CSRF...

CVE-2018-14910

SeaCMS v6.61 allows Remote Code execution by placing PHP code in an allowed IP address aka ip to /admin/adminip.php aka /adm1n/adminip.php. The code is executed by visiting adm1n/adminip.php or data/admin/ip.php. This can also be exploited through CSRF...

CVE-2018-14910

SeaCMS v6.61 is vulnerable to Remote Code Execution. An attacker can place PHP code via an allowed IP address (ip) that targets /admin/admin_ip.php (also reachable as /adm1n/admin_ip.php). The payload is executed when an affected endpoint is accessed (adm1n/admin_ip.php or data/admin/ip.php), ena...

CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

CVE-2018-12483

OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this issue occurs because the content of the ipdiscoveranalyser rzo GET parameter is concatenated to a string used in an exec call in the PHP code. Authentication is needed in order to exploit this vulnerabili...

SeedDMS Arbitrary File Upload Vulnerability

SeedDMS formerly known as LetoDMS and MyDMS is SeedDMS enthusiasts jointly developed a set of PHP and MySql-based open source document management system . The system is mainly used to store and share documents. An arbitrary file upload vulnerability exists in the 'op/op.UploadChunks.php' file in...

CVE-2018-12940

Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an authenticated attacker to...

CVE-2018-12940

Unrestricted file upload vulnerability in "op/op.UploadChunks.php" in SeedDMS formerly LetoDMS and MyDMS before 5.1.8 allows remote attackers to execute arbitrary code by uploading a file with an executable extension specified by the "qqfile" parameter. This allows an authenticated attacker to...