
Exploit DB
added 2019/04/30 12:00 a.m. · 42 views

Hyvikk Fleet Manager - Shell Upload

Fleet Manager hyvikk Shell Upload | Date: 29-04-2019 | Title: Fleet Manager by hyvikk, all versions | Author: saxgy1331 - Kaieteur-Falls-1331 | Vendor Homepage: https://codecanyon.net/item/fleet-manager/200518...

7.4 AI score
Exploits 0
Prion
added 2019/03/11 1:29 a.m. · 16 views

Code injection

An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the checkbad function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions such as "eval" are blocked but others such as "system" are not, and...

7.5 CVSS · 9.6 AI score · 0.01201 EPSS
Exploits 1 · References 1 · Affected Software 1
Prion
added 2019/02/21 9:29 p.m. · 18 views

Design/Logic Flaw

Some field types do not properly sanitize data from non-form sources in Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core...

6.8 CVSS · 8.2 AI score · 0.9441 EPSS
Exploits 22 · References 6 · Affected Software 1
Positive Technologies
added 2019/02/21 12:00 a.m. · 5 views

PT-2019-18086 · Drupal · Drupal

Name of the Vulnerable Software and Affected Versions: Drupal versions 8.5.x before 8.5.11; Drupal versions 8.6.x before 8.6.10. Description: Some field types do not properly sanitize data from non-form sources in Drupal. This can lead to arbitrary PHP code execution in some cases. A site is only...

8.1 CVSS · 9.8 AI score · 0.9441 EPSS
Exploits 22 · References 28
OSV
added 2019/02/20 7:18 p.m. · 4 views

DRUPAL-CORE-2019-003

Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases. A site is only affected by this if one of the following conditions is met: The site has the Drupal 8 core RESTful Web Services rest module enabled and allows GET, PAT...

8.1 CVSS · 7.5 AI score · 0.9441 EPSS
Exploits 22 · References 1
OSV
added 2019/02/11 2:29 a.m. · 1 view

CVE-2018-20772

Frog CMS 0.9.5 allows PHP code execution via `<?php` to the admin/?/layout/edit/1 URI...

7.2 CVSS · 6.2 AI score · 0.01114 EPSS
Exploits 1 · References 1
Prion
added 2018/11/21 9:29 p.m. · 22 views

Design/Logic Flaw

/panel/uploads in Subrion CMS 4.2.1 allows remote attackers to execute arbitrary PHP code via a .pht or .phar file, because the .htaccess file omits these...

6.5 CVSS · 7.3 AI score · 0.83882 EPSS
Exploits 10 · References 3 · Affected Software 1
OSV
added 2018/10/01 8:29 a.m. · 3 views

CVE-2018-17826

HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html to add an administrator account. The attacker can then use that account to execute arbitrary PHP code by leveraging app/common/model/AdminAnnex.php to add .php to the default list of allowable file-upload types .jpg, .png, .gif, .jpe...

8.8 CVSS · 6 AI score · 0.00171 EPSS
Exploits 1 · References 1
CNVD
added 2018/08/15 12:00 a.m. · 1 view

WordPress Code Execution Vulnerability

WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security vulnerability exists in WordPress version 4.9.7, which stems from the program's failure to detect...

7.2 CVSS · 8.7 AI score · 0.02449 EPSS
Exploits 0 · References 1
OSV
added 2018/08/10 4:29 p.m. · 1 view

UBUNTU-CVE-2018-14028

In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then...

7.2 CVSS · 7.3 AI score · 0.02449 EPSS
Exploits 0 · References 5
OSV
added 2018/08/06 9:29 p.m. · 1 view

DEBIAN-CVE-2018-14857

Unrestricted file upload with remote code execution in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are...

8.8 CVSS · 8.9 AI score · 0.04838 EPSS
Exploits 2 · References 1
CNVD
added 2018/07/19 12:00 a.m. · 1 view

Command Execution Vulnerability in OTCMS v3.53

Net Titanium Article Management System (OTCMS) is a simple and good ASP article management system. A command execution vulnerability exists in OTCMS v3.53. An attacker can use the vulnerability to obtain website path information and write PHP code to gain server privileges...

7.5 AI score
Exploits 0
OSV
added 2018/07/17 2:29 a.m. · 2 views

CVE-2018-14334

manager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file upload because detection of a prohibited file extension simply sets the $errm value, and does not otherwise alter the flow of control. Consequently, one can upload and execute a .php file, a similar issue to CVE-2018-8766...

9.8 CVSS · 5.9 AI score · 0.00411 EPSS
Exploits 1 · References 1
OSV
added 2018/06/26 4:29 p.m. · 11 views

CVE-2018-1000504

Redirection version 2.7.3 contains an ACE via file inclusion vulnerability in Pass-through mode that can result in allowing admins to execute any PHP file in the filesystem. This attack appears to be exploitable only if the attacker has access to an admin account on the target site. This vulnerabili...

7.2 CVSS · 7.4 AI score
Exploits 0 · References 1
OSV
added 2018/05/16 2:29 p.m. · 2 views

CVE-2018-10760

Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the tmp directory under the document...

8.8 CVSS · 6.1 AI score · 0.00607 EPSS
Exploits 2 · References 1
BDU FSTEC
added 2018/04/27 12:00 a.m. · 1 view

A vulnerability in the conference communication component of the Mitel Connect OnSite and ST14.2 telecommunications systems allows an intruder to execute arbitrary code.

The vulnerability in the conference communication components of the Mitel Connect OnSite and ST 14.2 systems is related to improper code generation. Exploiting this vulnerability allows an attacker to inject arbitrary code into the generated PHP files and execute it using specially crafted requests t...

10 CVSS · 5.8 AI score · 0.01117 EPSS
Exploits 0 · References 3
Prion
added 2017/11/03 6:29 p.m. · 11 views

Code injection

Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of the XML through the PHP "unserialize" function when importing a skin from an XML file...

6.5 CVSS · 8.8 AI score · 0.00505 EPSS
Exploits 0 · References 1 · Affected Software 1
CNVD
added 2017/09/06 12:00 a.m. · 1 view

HelpDEZk File Upload Vulnerability

HelpDEZk is a suite of PHP-based software for managing requests and events. The software manages workflow, logging process and maintenance history through a shared service center. A file upload vulnerability exists in HelpDEZk version 1.1.1. A remote attacker can exploit this vulnerability by...

8.8 CVSS · 9.1 AI score · 0.00717 EPSS
Exploits 0 · References 1
Drupal
added 2017/09/06 12:00 a.m. · 12 views

Clientside Validation - Critical - Arbitrary PHP Execution - DRUPAL-SA-CONTRIB-2017-072

The Clientside Validation module enables you to have client-side JavaScript validation on your forms. The module does not sufficiently validate parameters of a POST request made when validating a CAPTCHA. For the 1.x version of this module, this vulnerability is mitigated by the fact that the...

7 AI score
Exploits 0 · References 11
Japan Vulnerability Notes
added 2017/08/23 6:36 a.m. · 1 view

Multiple vulnerabilities in "Dokodemo eye Smart HD" SCR02HD

Overview: Wireless monitor "Dokodemo eye Smart HD" SCR02HD provided by NIPPON ANTENNA Co., Ltd. contains multiple vulnerabilities listed below: OS command injection (CWE-78) - CVE-2017-10832; Improper access restriction (CWE-425) - CVE-2017-10833; Directory traversal (CWE-22) - CVE-2017-10834; Arbitrary PHP...

10 CVSS · 8.1 AI score · 0.05713 EPSS
Exploits 0 · References 14