856 matches found
CVE-2022-3076
The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example...
CVE-2022-4328
The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server...
CVE-2022-43277
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/phpaction/editFile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-1939
The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to...
CVE-2022-30529
File upload vulnerability in asith-eranga ISIC tour booking through version published on Feb 13th 2018, allows attackers to upload arbitrary files via /system/application/libs/js/tinymce/plugins/filemanager/dialog.php and /system/application/libs/js/tinymce/plugins/filemanager/upload.php...
CVE-2021-25780
An arbitrary file upload vulnerability has been identified in posts.php in Baby Care System 1.0. The vulnerability could be exploited by an remote attacker to upload content to the server, including PHP files, which could result in command execution and obtaining a shell...
CVE-2021-36454
Cross Site Scripting XSS vulnerability in Naviwebs Navigate Cms 2.9 via the navigate-quickse parameter to 1 backups\backups.php, 2 blocks\blocks.php, 3 brands\brands.php, 4 comments\comments.php, 5 coupons\coupons.php, 6 feeds\feeds.php, 7 functions\functions.php, 8 items\items.php, 9...
CVE-2021-24721
The Loco Translate WordPress plugin before 2.5.4 mishandles data inputs which get saved to a file, which can be renamed to an extension ending in .php, resulting in authenticated "translator" users being able to inject PHP code into files ending with .php in web accessible locations...
CVE-2021-25003
The WPCargo Track & Trace WordPress plugin before 6.9.0 contains a file which could allow unauthenticated attackers to write a PHP file anywhere on the web server, leading to RCE...
CVE-2020-25735
webTareas through 2.1 allows XSS in clients/editclient.php, extensions/addextension.php, administration/addannouncement.php, administration/departments.php, administration/locations.php, expenses/claimtype.php, projects/editproject.php, and general/newnotifications.php...
CVE-2020-23973
KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the 'team.php,player.php,club.php' id parameter...
CVE-2014-5107
concrete5 before 5.6.3 allows remote attackers to obtain the installation path via a direct request to 1 system/basics/editor.php, 2 system/view.php, 3 system/environment/filestoragelocations.php, 4 system/mail/importers.php, 5 system/mail/method.php, 6 system/permissions/filetypes.php, 7...
CVE-2010-4608
Habari 0.6.5 allows remote attackers to obtain sensitive information via a direct request to 1 header.php and 2 commentsitems.php in system/admin/, which reveals the installation path in an error message...
CVE-2012-1645
The CDN module 6.x-2.2 and 7.x-2.2 for Drupal, when running in Origin Pull mode with the "Far Future expiration" option enabled, allows remote attackers to read arbitrary PHP files via unspecified vectors, as demonstrated by reading settings.php...
CVE-2011-3709
b2evolution 3.3.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by locales/ruRU/ru-RU.locale.php and certain other files...
CVE-2019-12530
Incorrect access control was discovered in the stdonato Dashboard plugin through 0.9.7 for GLPI, affecting df.php, issue.php, load.php, mem.php, traf.php, and uptime.php in front/sh...
CVE-2011-3793
Pixie 1.04 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/modules/static.php and certain other files...
CVE-2019-17490
app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge aka jnoj 0.8.0 allows arbitrary file upload, as demonstrated by PHP code with a .php filename but the image/png content type to the web/polygon/problem/tests URI...
CVE-2011-3703
AneCMS 1.0 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by widgets/menu/index.php and certain other files...
CVE-2013-1468
Cross-site request forgery CSRF vulnerability in the LocalFiles Editor plugin in Piwigo before 2.4.7 allows remote attackers to hijack the authentication of administrators for requests that create arbitrary PHP files via unspecified vectors...