335 matches found
File upload vulnerability exists in BeyongCms (CNVD-2020-31489)
BeyongCms is a content management system based on ThinkPHP 5.1 framework. A file upload vulnerability exists in BeyongCms. An attacker can exploit this vulnerability to upload malicious files and gain administrative privileges on the server...
File Upload Vulnerability in CRMEB Open Edition V3.1.0
CRMEB mall system is a new retail mobile e-commerce system developed on ThinkPHP 6.0 + Vue. The CRMEB system is a customer relationship management + marketing e-commerce system that can quickly accumulate customers, analyze member data, intelligently convert customers,...
Fedora: Security Advisory for php-symfony4 (FEDORA-2020-fade6a8df7)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.
[SECURITY] Fedora 32 Update: php-symfony4-4.4.7-1.fc32
Symfony PHP framework version 4. NOTE: Does not require PHPUnit bridge...
Fedora Update for php-symfony FEDORA-2019-5ae4fd9203
The remote host is missing an update for the...
Command Execution Vulnerability in the Background of Wild Rain Novel CMS
Wild Rain Novel CMS is a lightweight novel website solution based on ThinkPHP 5.1 + MySQL. The CMS backend has a command execution vulnerability that attackers can use to execute malicious code...
Arbitrary File Deletion Vulnerability in DSCMS Enterprise Content Management System
DSCMS is a full-featured, SEO-friendly, dual-language open source CMS for building enterprise websites, developed by Changsha Deshaun Network on the ThinkPHP 5.0 framework with a PHP + MySQL architecture. DSCMS enterprise station...
EyouCms suffers from SQL injection vulnerability (CNVD-2020-02271)
EyouCms is a free, open source enterprise content management system built on the core of the TP5.0 framework. EyouCms has an SQL injection vulnerability that attackers can use to obtain sensitive database information...
Debian: Security Advisory (DLA-1999-1)
The remote host is missing an update for the Debian...
[SECURITY] Fedora 30 Update: php-symfony-2.8.52-1.fc30
PHP framework for web projects...
[SECURITY] Fedora 31 Update: php-symfony3-3.4.35-2.fc31
Symfony PHP framework version 3. NOTE: Does not require PHPUnit bridge...
Debian DLA-1999-1 : symfony security update
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. For Debian 8 'Jessie', these problems have been fixed in version 2.3.21+dfsg-4+deb8u6. We recommend that you upgra...
Debian DSA-4573-1 : symfony - security update
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Trump Campaign Website Left Open to Email Server Hijack
A mistake made by website developers left an official re-election website for President Donald Trump open to attack. The error, impacting hundreds of other websites as well, is tied to a website development tool called Laravel, used to test sites before they go live. The tool, accidentally left...
Schben Adive Cross-Site Request Forgery Vulnerability
Schben Adive is a PHP-based web development framework. A cross-site request forgery vulnerability exists in the Internal/Views/config.php file in Schben Adive version 2.0.7, which stems from the web application not adequately validating whether a request comes from a trusted user, and...
File Upload Vulnerability in YFCMF Fi***.p*** Page
YFCMF is a backend content management framework using ThinkPHP 5.1 + the foreign ACE 1.40 UI template. A file upload vulnerability exists in the YFCMF Fi***.p*** page, which can be exploited by an attacker to gain server privileges...
WorkSuite PRM 2.4 SQL Injection
Exploit Title: WorkSuite PRM 2.4 - 'password' SQL Inj. Dork: N/A Date: 01-05-2019 Exploit Author: Mehmet Emiroglu Vendor Homepage: https://codecanyon.net/item/worksuite-project-management-system/20052522...
File upload vulnerability in vaeThink
vaeThink is a lightweight, high speed PHP content management framework built on Layui and tp5. A file upload vulnerability exists in vaeThink, which can be exploited by attackers to gain server privileges...
Debian DSA-4441-1 : symfony - security update
Multiple vulnerabilities were discovered in the Symfony PHP framework which could lead to cache bypass, authentication bypass, information disclosure, open redirect, cross-site request forgery, deletion of arbitrary files, or arbitrary code execution. (C) Tenable Network Security, Inc. The...
Debian: Security Advisory (DSA-4441-1)
The remote host is missing an update for the Debian...