737 matches found

CNVD · added 2021/03/25 12:00 a.m. · 2 views

Command Execution Vulnerability in SongCMS PHP Version of Guangdong Kegel Technology Co.

SongCMS is a free, open-source, enterprise-oriented CMS with multi-language support, built on PHP/MySQL and ASP/Access/SQL Server, that helps business users quickly build and deploy enterprise-level portals. A command execution vulnerability exists in the PHP version of SongCMS by Guangdong Kege...

AI score 7.6 · Exploits 0
CNVD · added 2021/03/25 12:00 a.m. · 1 view

XSS Vulnerability in Nethub CMS PHP Version

OTCMS (Nethub CMS) is an article-based web content management system (CMS). An XSS vulnerability exists in the PHP version of OTCMS, which can be exploited by attackers to obtain an administrator cookie...

AI score 6.1 · Exploits 0
0day.today · added 2021/03/22 12:00 a.m. · 464 views

WordPress Delightful Downloads Jquery File Tree 1.6.6 Plugin - Path Traversal Exploit

Exploit Title: WordPress Plugin Delightful Downloads Jquery File Tree 1.6.6 - Path Traversal Exploit; Author: Nicholas Ferreira; Vendor Homepage: https://github.com/A5hleyRich/delightful-downloads; Version: =1.6.6; Tested on: Debian 11; CVE: CVE-2017-1000170; PHP version exploit: 7.3.27; POC: curl --da...

CVSS 7.6 · AI score 7.6 · EPSS 0.57608 · Exploits 14
Packet Storm · added 2021/03/21 12:00 a.m. · 230 views

CMS Made Simple 2.2.15 Shell Upload

1. Summary. Affected software: CMS Made Simple 2.2.15. Vendor URL: http://www.cmsmadesimple.org/. Vulnerability: file upload bypass with .phar extension leading to RCE. 2. Vulnerability Description. The vulnerability affects the FilePicker module; it is possible to bypass the restriction and upload a malicious...

AI score 7.4 · Exploits 0
0day.today · added 2021/03/08 12:00 a.m. · 119 views

Joomla JCK Editor 6.4.4 - (parent) SQL Injection Exploit (2)

Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2; Google Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/; Exploit Author: Nicholas Ferreira; Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor; Version: 6.4.4; Tested on: Debian 10; CVE: CVE-2018-17254; PHP...

CVSS 9.8 · AI score 0.4 · EPSS 0.82976 · Exploits 5
Packet Storm · added 2021/03/08 12:00 a.m. · 495 views

Joomla JCK Editor 6.4.4 SQL Injection

Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2; Google Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/; Date: 05/03/2021; Exploit Author: Nicholas Ferreira; Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor; Version: 6.4.4; Tested on: Debian 10; CVE:...

CVSS 7.5 · AI score 0.3 · EPSS 0.82976 · Exploits 5
Exploit DB · added 2021/03/08 12:00 a.m. · 418 views

Joomla JCK Editor 6.4.4 - 'parent' SQL Injection (2)

Exploit Title: Joomla JCK Editor 6.4.4 - 'parent' SQL Injection 2; Google Dork: inurl:/plugins/editors/jckeditor/plugins/jtreelink/; Date: 05/03/2021; Exploit Author: Nicholas Ferreira; Vendor Homepage: http://docs.arkextensions.com/downloads/jck-editor; Version: 6.4.4; Tested on: Debian 10; CVE:...

CVSS 9.8 · AI score 9.6 · EPSS 0.82976 · Exploits 5
Positive Technologies · added 2021/02/23 12:00 a.m. · 4 views

PT-2021-17068 · Directus · Directus

Name of the Vulnerable Software and Affected Versions: Directus versions 8.x through 8.8.1. Description: An attacker can learn sensitive information, such as the version of the CMS, the PHP version used by the site, and the name of the DBMS, simply by viewing the result of the "api-aa" endpoint,...

CVSS 5.3 · AI score 6.4 · EPSS 0.00702 · Exploits 1 · References 6
CNVD · added 2021/02/18 12:00 a.m. · 7 views

Bolt Directory Traversal Vulnerability

Bolt is a simple CMS written in PHP. A directory traversal vulnerability exists in Controller/Backend/FileEditController.php and Controller/Backend/FilemanagerController.php in versions of Bolt prior to 4.1.13. No further vulnerability details are available at this time...

CVSS 7.5 · AI score 6.6 · EPSS 0.01747 · Exploits 0 · References 1
NCSC · added 2021/02/18 12:00 a.m. · 2 views

Vulnerabilities fixed in PHP

Several vulnerabilities have been fixed in PHP. The vulnerabilities potentially enable an unauthenticated, remote malicious person to launch attacks that result in the following categories of damage: denial of service (DoS), spoofing, and access to sensitive data. -= Debian =- Debian has made updat...

CVSS 7.5 · AI score 7.1 · EPSS 0.04969 · Exploits 3
Hacker One · added 2021/02/12 10:41 a.m. · 66 views

Concrete CMS: Authenticated path traversal to RCE

crayons. Description: The bFilename parameter of index.php/ccm/system/dialogs/block/design/submit is vulnerable to remote code execution via a path traversal vulnerability. An authenticated attacker with rights to edit web application pages can upload a malicious PNG file containing PHP code...

CVSS 6.5 · AI score 9 · EPSS 0.02425 · Exploits 0
NVD · added 2021/02/10 6:15 p.m. · 10 views

CVE-2021-26938

A stored XSS issue exists in henriquedornas 5.2.17 via online live chat. NOTE: Third parties report that no such product exists; henriquedornas is the web design agency and 5.2.17 is simply the PHP version running on that host...

CVSS 5.4 · EPSS 0.00662 · Exploits 1 · References 1
Prion · added 2021/02/10 6:15 p.m. · 15 views

Cross site scripting

DISPUTED. A stored XSS issue exists in henriquedornas 5.2.17 via online live chat. NOTE: Third parties report that no such product exists; henriquedornas is the web design agency and 5.2.17 is simply the PHP version running on that host...

CVSS 3.5 · AI score 5.3 · EPSS 0.00662 · Exploits 1 · References 1 · Affected Software 1
Cvelist · added 2021/02/10 5:54 p.m. · 12 views

CVE-2021-26938

A stored XSS issue exists in henriquedornas 5.2.17 via online live chat. NOTE: Third parties report that no such product exists; henriquedornas is the web design agency and 5.2.17 is simply the PHP version running on that host...

AI score 5.5 · EPSS 0.00662 · Exploits 1 · References 1
Tenable Nessus · added 2021/02/09 12:00 a.m. · 168 views

PHP 7.3.x < 7.3.27 / 7.4.x < 7.4.15 / 8.x < 8.0.2 DoS

The version of PHP installed on the remote host is 7.3.x prior to 7.3.27, 7.4.x prior to 7.4.15, or 8.x prior to 8.0.2. It is, therefore, affected by a denial of service (DoS) vulnerability due to a null dereference in SoapClient. An unauthenticated, remote attacker can exploit this by providing a...

CVSS 7.5 · AI score 7 · EPSS 0.03093 · Exploits 0 · References 4
Tenable Nessus · added 2021/01/21 12:00 a.m. · 19 views

PHP 7.3.x < 7.3.26 Input Validation Error

According to its self-reported version number, the version of PHP installed on the remote host is 7.3.x prior to 7.3.26, 7.4.x prior to 7.4.14, or 8.x prior to 8.0.1. It is, therefore, affected by an input validation error due to insufficient validation of a URL, as specified by the changelogs of...

CVSS 5.3 · AI score 7.5 · EPSS 0.02983 · Exploits 1 · References 2
OSV · added 2020/12/23 6:15 p.m. · 2 views

CVE-2020-27397

Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the hosting web server via uploading a maliciously crafted PHP file...

CVSS 8.8 · AI score 7.9 · EPSS 0.02605 · Exploits 1 · References 1
Cvelist · added 2020/12/23 5:54 p.m. · 20 views

CVE-2020-27397

Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the hosting web server via uploading a maliciously crafted PHP file...

AI score 9.1 · EPSS 0.02605 · Exploits 1 · References 1
Positive Technologies · added 2020/12/08 12:00 a.m. · 4 views

PT-2020-16256 · Sourcecodester · Sourcecodester Student Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Student Management System Project in PHP version 1.0. Description: The issue is a cross-site scripting (XSS) vulnerability. It can be exploited via the 'add subject' tab, allowing for stored XSS attacks...

CVSS 5.4 · AI score 5.2 · EPSS 0.00929 · Exploits 2 · References 10
Tenable Nessus · added 2020/10/09 12:00 a.m. · 28 views

PHP 7.4.x < 7.4.9 Use After Free Vulnerability

According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.33, 7.3.x prior to 7.3.21, or 7.4.x prior to 7.4.9. It is, therefore, affected by a use-after-free vulnerability in the pharparse function due to mishandling of the actualalias...

CVSS 4.8 · AI score 5.2 · EPSS 0.01661 · Exploits 1 · References 2