7223 matches found

CNVD | added 2018/04/13 12:00 a.m. | 2 views

Arbitrary Code Execution Vulnerability in the HTML5 Responsive Website Building System of Huizhou Fire Phoenix Network Technology Co.

Huizhou Fire Phoenix Network Technology Co., Ltd. provides one-stop website production, website promotion, APP development, WeChat development, data analysis, software development, dynamic creative, cell phone website, Taobao store permanent code decoration, FLASH animation, to program developmen...

AI score: 8.3 | Exploits: 0
CNVD | added 2018/04/08 12:00 a.m. | 3 views

GxlcmsQY Arbitrary PHP Code Execution Vulnerability

GxlcmsQY system is a quick website cms tailored for business users. An arbitrary PHP code execution vulnerability exists in the upload function in LibLibActionAdminUploadAction.class.php in GxlcmsQY v1.0.0713. A remote attacker can exploit this vulnerability by first changing the configuploadclas...

CVSS: 9.8 | AI score: 8 | EPSS: 0.02236 | Exploits: 1 | References: 1
Prion | added 2018/04/07 9:29 p.m. | 12 views

Cross-site request forgery (CSRF)

In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the configuploadclass value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an...

CVSS: 7.5 | AI score: 9.8 | EPSS: 0.02236 | Exploits: 1 | References: 1 | Affected Software: 1
NVD | added 2018/04/07 9:29 p.m. | 13 views

CVE-2018-9847

In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.01577 | Exploits: 1 | References: 1
Prion | added 2018/04/07 9:29 p.m. | 10 views

Code injection

In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template...

CVSS: 7.5 | AI score: 9.7 | EPSS: 0.01577 | Exploits: 1 | References: 1 | Affected Software: 1
NVD | added 2018/04/07 9:29 p.m. | 18 views

CVE-2018-9848

In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the configuploadclass value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an...

CVSS: 9.8 | AI score: 9.9 | EPSS: 0.02236 | Exploits: 1 | References: 1
OSV | added 2018/04/07 9:29 p.m. | 3 views

CVE-2018-9847

In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template...

CVSS: 9.8 | AI score: 6.1 | EPSS: 0.01577 | Exploits: 1 | References: 1
CVE | added 2018/04/07 9:00 p.m. | 45 views

CVE-2018-9848

In GxlcmsQY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote arbitrary PHP code execution. An attacker first sends Admin-Admin-Configsave to modify config[upload_class] from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php, then issues Admin-Upload-Upload to run...

CVSS: 9.8 | AI score: 9.7 | EPSS: 0.02236 | Exploits: 1 | References: 1 | Affected Software: 1
Cvelist | added 2018/04/07 9:00 p.m. | 19 views

CVE-2018-9848

In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the configuploadclass value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an...

AI score: 9.9 | EPSS: 0.02236 | Exploits: 1 | References: 1
Prion | added 2018/04/04 12:29 a.m. | 12 views

Code injection

The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a ?php substring, and then using INTO OUTFILE wit...

CVSS: 7.5 | AI score: 9.8 | EPSS: 0.01577 | Exploits: 1 | References: 1 | Affected Software: 1
NVD | added 2018/04/04 12:29 a.m. | 16 views

CVE-2018-9247

The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a ?php substring, and then using INTO OUTFILE wit...

CVSS: 9.8 | AI score: 9.9 | EPSS: 0.01577 | Exploits: 1 | References: 1
CNVD | added 2018/04/04 12:00 a.m. | 5 views

GxlcmsQY Arbitrary PHP Code Execution Vulnerability

Gxlcms QY is an enterprise website creation system. A security vulnerability exists in the 'upsql' function in the \Lib\Lib\Action\Admin\DataAction.class.php file in Gxlcms QY version 1.0.0713. A remote attacker can exploit this vulnerability by executing arbitrary SQL statements with the help of...

CVSS: 9.8 | AI score: 8 | EPSS: 0.01577 | Exploits: 1 | References: 1
0day.today | added 2018/04/04 12:00 a.m. | 32 views

ProcessMaker - Plugin Upload Exploit

This Metasploit module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code as the web server user. Credentials for a valid user account with Administrator roles are required to run this module. This Metasploit module has been tested successfully on ProcessMaker...

AI score: 0.3 | Exploits: 0
Cvelist | added 2018/04/04 12:00 a.m. | 18 views

CVE-2018-9247

The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a ?php substring, and then using INTO OUTFILE wit...

AI score: 9.9 | EPSS: 0.01577 | Exploits: 1 | References: 1
Exploit DB | added 2018/04/04 12:00 a.m. | 42 views

ProcessMaker - Plugin Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ProcessMaker Plugin Upload', 'Description' = %q This module will generate and upload a plugin to ProcessMaker resulting in execution of PHP code a...

AI score: 7.4 | Exploits: 0
Prion | added 2018/04/02 3:29 a.m. | 16 views

Code injection

sysverifies.php in DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the refiles array parameter, because the contents of modifytmp.inc are under an attacker's control...

CVSS: 7.5 | AI score: 9.7 | EPSS: 0.01489 | Exploits: 0 | References: 1 | Affected Software: 1
NVD | added 2018/04/02 3:29 a.m. | 26 views

CVE-2018-9175

DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the egroup parameter to uploads/dede/stepselectmain.php because code within the database is accessible to uploads/dede/syscacheup.php...

CVSS: 9.8 | AI score: 9.8 | EPSS: 0.01898 | Exploits: 1 | References: 1
Prion | added 2018/04/02 3:29 a.m. | 16 views

Code injection

DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the egroup parameter to uploads/dede/stepselectmain.php because code within the database is accessible to uploads/dede/syscacheup.php...

CVSS: 7.5 | AI score: 9.7 | EPSS: 0.01898 | Exploits: 1 | References: 1 | Affected Software: 1
CVE | added 2018/04/02 3:00 a.m. | 51 views

CVE-2018-9174

The CVE-2018-9174 entry affects DedeCMS 5.7, specifically the sys_verifies.php component. The root cause is that modifytmp.inc contents are under an attacker's control, allowing remote attackers to execute arbitrary PHP code via the refiles array parameter. This results in arbitrary code executio...

CVSS: 9.8 | AI score: 9.6 | EPSS: 0.01489 | Exploits: 0 | References: 1 | Affected Software: 1
CNVD | added 2018/04/02 12:00 a.m. | 3 views

Z-BlogPHP Cross-Site Request Forgery Vulnerability

Z-BlogPHP is a powerful blogging program. A cross-site request forgery vulnerability exists in pluginedit.php in Z-BlogPHP 1.5.1 Zero. An attacker can exploit this vulnerability to execute arbitrary PHP code...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.00465 | Exploits: 0 | References: 1