
856 matches found

CVE
added 2022/02/23 9:11 p.m. · 91 views

CVE-2022-25402

CVE-2022-25402 describes an improper access-control flaw in HMS v1.0 that allows unauthenticated attackers to read and modify all PHP files. The root cause is an incorrect access-control mechanism that fails to limit access to sensitive PHP assets. Affected product: HMS v1.0 (as per multiple sour...

CVSS 9.1 · AI score 9.1 · EPSS 0.01584
Exploits: 1 · References: 1 · Affected software: 1
Positive Technologies
added 2022/02/23 12:00 a.m. · 3 views

PT-2022-17265 · Hms · Hms

Name of the Vulnerable Software and Affected Versions: HMS version 1.0 Description: An issue with access control in HMS allows unauthenticated attackers to read and modify all PHP files. Recommendations: For HMS version 1.0, consider restricting access to PHP files until a fix is available. As a...

CVSS 9.1 · AI score 9.1 · EPSS 0.01584
Exploits: 1 · References: 3
CNVD
added 2022/02/13 12:00 a.m. · 15 views

OIC Exponent CMS File Upload Vulnerability

OIC Exponent CMS is a free, open-source, PHP-based modular content management system (CMS) from OIC, Inc. The system supports direct editing within pages and provides user management, site configuration, content editing, etc. Exponent CMS has a file upload vulnerability that stems from the application's...

CVSS 7.2 · AI score 1.5 · EPSS 0.02099
Exploits: 1 · References: 1
Huntr
added 2022/02/03 12:47 p.m. · 11 views

Improper Access Control in mautic/mautic

Description: I couldn't find a suitable vulnerability type for this kind of issue, so this may be incorrect. The default .htaccess file has some restrictions on access to PHP files: "Deny access via HTTP requests to all PHP files. Order deny,allow Deny from all ... Except those whitelisted bello...

AI score 7.4
Exploits: 0
WPVulnDB
added 2022/02/02 12:00 a.m. · 19 views

Custom Content Shortcode < 4.0.2 - Authenticated Arbitrary File Access / LFI

The plugin does not validate the data passed to its load shortcode, which could allow Contributor+ v 4.0.1 or Admin+ v 4.0.2 users to display arbitrary files from the filesystem such as logs, .htaccess etc, as well as perform Local File Inclusion attacks as PHP files will be executed. Please note...

AI score 2.4 · EPSS 0.00435
Exploits: 2 · Affected software: 1
Prion
added 2022/01/25 1:15 p.m. · 17 views

Remote code execution

In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution vulnerability can be exploited by uploading PHP files using the file upload vulnerability in this service...

CVSS 6.5 · AI score 9 · EPSS 0.03097
Exploits: 1 · References: 3
CNVD
added 2022/01/16 12:00 a.m. · 14 views

SuiteCRM Cross-Site Request Forgery Vulnerability

SuiteCRM is a customer relationship management system from the SuiteCRM team. SuiteCRM versions prior to 7.11.21 have a cross-site request forgery vulnerability, which stems from the software's lack of token validation against cross-site request forgery. If the ZIP archive file contains PHP...

CVSS 8.8 · AI score 2.9 · EPSS 0.01033
Exploits: 0 · References: 1
CNNVD
added 2022/01/10 12:00 a.m. · 6 views

WordPress plugin cross-site request forgery vulnerability

WordPress is the WordPress Foundation's blogging platform, developed in the PHP language. The WordPress Modal Window plugin was vulnerable to cross-site request forgery prior to version 5.2.2. The vulnerability stems from the plugin's failure to effectively filter calls to remote file resources...

CVSS 8.8 · AI score 5.9 · EPSS 0.00773
Exploits: 2 · References: 3
0day.today
added 2021/12/20 12:00 a.m. · 302 views

Bazaar Web PHP Social Listings Shell Upload Vulnerability

-- Exploit Title: Bazaar Web PHP Social Listings Arbitrary File Upload. Exploit Author: Sohel Yousef ([email protected]). Software Link: https://codecanyon.net/item/bazaar-social-listing-shopping-web-php-template/23207913. Software Demo: https://xserver.app/apps/bazaar-web/index.php. Category: webapps ...

AI score 7.4
Exploits: 0
OSV
added 2021/12/07 6:15 p.m. · 3 views

CVE-2021-43175

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 exposes an API router that accepts a username, password, and action that routes to other PHP files that implement the various API functions. Vulnerable versions of GOautodial validate the username and password incorrectly,...

CVSS 7.5 · AI score 7.2 · EPSS 0.01161
Exploits: 1 · References: 1
Prion
added 2021/12/07 6:15 p.m. · 15 views

Design/Logic Flaw

The GOautodial API prior to commit 3c3a979 made on October 13th, 2021 takes a user-supplied “action” parameter and appends a .php file extension to locate and load the correct PHP file to implement the API call. Vulnerable versions of GOautodial do not sanitize the user input that specifies the...

CVSS 6.5 · AI score 7.8 · EPSS 0.01312
Exploits: 2 · References: 1 · Affected software: 2
Prion
added 2021/11/08 6:15 p.m. · 13 views

Code injection

The Loco Translate WordPress plugin before 2.5.4 mishandles data inputs which get saved to a file, which can be renamed to an extension ending in .php, resulting in authenticated "translator" users being able to inject PHP code into files ending with .php in web accessible locations...

CVSS 4 · AI score 6.5 · EPSS 0.0091
Exploits: 2 · References: 1 · Affected software: 1
CNVD
added 2021/11/02 12:00 a.m. · 14 views

Online Reviewer System Remote Code Execution Vulnerability

Online Reviewer System is an application. Online Reviewer System version 1.0 contains a remote code execution vulnerability that could be exploited by attackers to bypass image upload filters and upload maliciously crafted PHP files...

CVSS 9.8 · AI score 6.1 · EPSS 0.06985
Exploits: 1 · References: 1
Cvelist
added 2021/10/26 12:12 p.m. · 15 views

CVE-2021-37372

Online Student Admission System 1.0 is affected by an insecure file upload vulnerability. A low privileged user can upload malicious PHP files by updating their profile image to gain remote code execution...

AI score 9.3 · EPSS 0.03314
Exploits: 0 · References: 3
NVD
added 2021/10/11 11:15 a.m. · 18 views

CVE-2021-40887

Projectsend version r1295 is affected by a directory traversal vulnerability. Because the files parameter lacks input sanitization, an attacker can add ../ to move all PHP files, or any file on the system that has permissions to the /upload/files/ folder...

CVSS 10 · EPSS 0.02294
Exploits: 1 · References: 1
CNNVD
added 2021/09/20 12:00 a.m. · 2 views

WordPress plugin code issue vulnerability

WordPress is the WordPress Foundation's blogging platform, developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress Plugin is an open-source application plugin for WordPress. A code issue vulnerability exists in the Simp...

CVSS 7.2 · AI score 7.4 · EPSS 0.01442
Exploits: 2 · References: 2
BDU FSTEC
added 2021/09/10 12:00 a.m. · 29 views

A vulnerability in the Contao content management system, related to improper code generation, allows attackers to compromise the confidentiality, integrity, and availability of the protected information.

The vulnerability in the Contao content management system is related to improper handling of code generation. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and availability of the protected information by downloading specially crafted PHP...

CVSS 9 · AI score 7.2 · EPSS 0.01254
Exploits: 0 · References: 4 · Affected software: 1
Redos
added 2021/09/08 12:00 a.m. · 9 views

ROS-2-794

2.794 Multiple Vulnerabilities in Moodle. 1. Vulnerability description: The discovered vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability allows a remote user to gain unauthorized access to other restricted features. The vulnerability allows a remote...

AI score 7.7
Exploits: 0
NVD
added 2021/08/30 6:15 p.m. · 13 views

CVE-2020-18121

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...

CVSS 8.8 · EPSS 0.00969
Exploits: 1 · References: 1
OSV
added 2021/08/30 6:15 p.m. · 2 views

CVE-2020-18121

A configuration issue in Indexhibit 2.1.5 allows authenticated attackers to modify .php files, leading to getshell...

CVSS 8.8 · AI score 5.8
Exploits: 0 · References: 1