CVE-2023-53892

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

CVE-2023-53892

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

CVE-2023-53892 Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

CVE-2023-53892 Blackcat CMS 1.4 Remote Code Execution via Jquery Plugin Manager

Blackcat CMS 1.4 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the jquery plugin manager. Attackers can upload a zip file with a PHP shell script and execute arbitrary system commands by accessing the uploaded plugin'...

PT-2025-51310

Name of the Vulnerable Software and Affected Versions Blackcat CMS version 1.4 Description Blackcat CMS version 1.4 has a remote code execution issue. Authenticated administrators can upload malicious PHP files using the jquery plugin manager. An attacker can upload a zip file containing a PHP...

CVE-2024-58282

Serendipity 2.5.0 contains a remote code execution vulnerability that allows authenticated administrators to upload malicious PHP files through the media upload functionality. Attackers can exploit the file upload mechanism by creating a PHP shell with a command execution form that enables...

CVE-2024-58280 CMSimple 5.15 Remote Command Execution via Extensions Configuration

CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensionsuserfiles and upload a shell script to the media directory to execute arbitrary code on the server...

Shopware vulnerable to path traversal via Plugin upload

Impact Malicious actors can exploit this vulnerability to write files within arbitrary directories on the filesystem of the Shopware web container. This could allow them to gain persistent shell access by uploading a PHP-shell file to an accessible folder. It is important to note that this...

EUVD-2012-1120

Malware in sbrugna...

EUVD-2019-4411

Malware in sbrugna...

EUVD-2012-1119

Malware in sbrugna...

EUVD-2017-7298

Malware in sbrugna...

EUVD-2021-11893

Malware in sbrugna...

EUVD-2025-27595

Malicious code in bioql PyPI...

EUVD-2021-33048

Malicious code in bioql PyPI...

EUVD-2023-37643

Malicious code in bioql PyPI...

Exploit for CVE-2025-8625

CVE-2025-8625 Copypress Rest API 1.1 - 1.2 - Missing Configura...

📄 ABB Cylon Aspect 3.08.04 DeploySource Unauthenticated Remote Code Execution

ABB Cylon Aspect BMS/BAS version 3.08.04 is vulnerable to a critical flaw in the AuthenticatedHttpServlet within its application server, enabling remote attackers to bypass authentication by setting the Host: 127.0.0.1 header. This deceives the server into processing requests as if they originate...

Exploit for Unrestricted Upload of File with Dangerous Type in Pluck-Cms Pluck

CVE-2023-50564 📌 Description This exploit allows an authe...

CVE-2024-5630

The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...