Gila CMS Code Issue Vulnerability
Gila CMS is an open source content management system CMS based on PHP and MySQL. A file upload vulnerability exists in Gila CMS 1.16.0. An attacker can exploit this vulnerability to upload a shell to the tmp directory, which can then be used to execute PHP files using .htaccess via the logging...
CVE-2020-5796
Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticated user to weaken the permissions of files, resulting in low-privileged users being able to write to and execute arbitrary PHP code with root privileges...
HorizontCMS 1.0.0-beta Shell Upload
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'HorizontCMS Arbitrary PHP File Upload', 'Description' = %q This module exploits an arbitrary file upload vulnerability in HorizontCMS 1.0.0-beta ...
CVE-2020-26048
The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function provided by the file manager is able to modify the image extension into PHP resulting in remote...
CVE-2020-17452
flatCore before 1.5.7 allows upload and execution of a .php file by an admin...
Hostmaster (Aegir) - Moderately critical - Access bypass, Arbitrary code execution - SA-CONTRIB-2020-031
Aegir is a powerful hosting system that sits alongside a LAMP or LEMP server to create, deploy and manage Drupal sites. Given that Aegir can use both Apache and Nginx Web servers, Apache allows configuration-writing users to escalate their privileges to the superuser root, and Aegir's operations...
Drupal 8.9.x < 8.9.1 Multiple Vulnerabilities
According to its self-reported version, the instance of Drupal running on the remote web server is 7.0.x prior to 7.72, 8.8.x prior to 8.8.8, 8.9.x prior to 8.9.1 or 9.0.x prior to 9.0.1. It is, therefore, affected by multiple vulnerabilities : - A Cross-Site Request Forgery (CSRF) due to...
Elementor Pro < 2.9.4 - Authenticated Arbitrary File Upload
According to Jerome Bruandet, from NintechNet, the vulnerability, currently exploited by attackers, allows any logged-in user to upload and execute PHP scripts on the blog. Chloe Chamberland from Wordfence also confirmed the issue and added that "This vulnerability is being used in conjunction wi...
DRUPAL-CONTRIB-2020-011
This module enables you to build forms and surveys in Drupal. The module doesn't sufficiently filter webform element properties attributes under the scenario of editing a webform. Malicious user could craft such an attribute element\validate, for example that would invoke execution of undesired P...
FrozenNode Laravel-Administrator Code Issue Vulnerability
FrozenNode Laravel-Administrator is an admin interface generator for the Laravel framework. A code issue vulnerability exists in FrozenNode Laravel-Administrator 5.0.12 and earlier versions. The vulnerability can be exploited by an attacker with the file upload feature to bypass security...
CVE-2020-5558
CuteNews 2.0.1 allows remote authenticated attackers to execute arbitrary PHP code via unspecified vectors...
DEBIAN-CVE-2020-8865
This vulnerability allows remote attackers to execute local PHP files on affected installations of Horde Groupware Webmail Edition 5.2.22. Authentication is required to exploit this vulnerability. The specific flaw exists within edit.php. When parsing the paramstemplate parameter, the process doe...
CVE-2011-4906
CVE-2011-4906 concerns a vulnerability in the TinyMCE 3.0 editor integrated into Joomla! prior to 1.5.13. The connected documents confirm that an improper file upload mechanism could allow arbitrary PHP code execution via the TinyMCE-based upload path, enabling an attacker to execute code remotel...
CVE-2011-4906
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution...
PT-2020-7484 · Drupal · Drupal Restws Module
Name of the Vulnerable Software and Affected Versions: Drupal restws module versions 7.x-1.x before 7.x-1.4 Drupal restws module versions 7.x-2.x before 7.x-2.1 Description: The issue allows remote authenticated users with certain permissions, such as access resource node and create page content,...
CVE-2019-20385
The CSV upload feature in /supervisor/procesacarga.php on Logaritmo Aware CallManager 2012 devices allows upload of .php files with a text/ content type. The PHP code can then be executed by visiting a /supervisor/csv/ URI...
VulnCheck KEV: CVE-2020-36875
AccessAlly WordPress plugin versions prior to 3.3.2 contain an unauthenticated arbitrary PHP code execution vulnerability in the Login Widget. The plugin processes the loginerror parameter as PHP code, allowing an attacker to supply and execute arbitrary PHP in the context of the WordPress web...
CVE-2015-9499
The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive...
Code injection
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files e.g., omitting .php and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=newprodu...
ok.ru: [insideok.ru] Remote Command Execution via file upload.
Incorrect configuration of the insideok.ru web server allowed PHP execution in the directory with user-generated files, which could be used for RCE...