
9 matches found

The Hacker News
added 2026/04/03 3:32 p.m. | 3 views

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. "Instead of exposing command execution through URL parameters or request...

6.6 AI score
Exploits: 0

RedhatCVE
added 2026/03/05 1:57 a.m. | 2 views

CVE-2026-24848

OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument method in EtherFaxActions.php allows authenticated users to write arbitrary content to arbitrary locations on the server filesystem. This vulnerabilit...

9.9 CVSS | 6.2 AI score | 0.00141 EPSS
Exploits: 1 | References: 1

Packet Storm
added 2026/02/06 12:0 a.m. | 121 views

📄 WordPress StoreKeeper for WooCommerce 14.4.4 Shell Upload

A critical security vulnerability exists in the StoreKeeper for WooCommerce WordPress plugin that allows unauthenticated attackers to upload arbitrary files, including PHP web shells, leading to complete system compromise. Version 14.4.4 is affected...

10 CVSS | 5.7 AI score | 0.00057 EPSS
Exploits: 3

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-21327

Malware in sbrugna...

7.2 CVSS | 7 AI score | 0.02284 EPSS
Exploits: 1 | References: 2

RedhatCVE
added 2025/05/22 5:2 p.m. | 4 views

CVE-2020-28939

OpenClinic version 0.8.2 is affected by a medical/testnew.php insecure file upload vulnerability. This vulnerability allows authenticated users with substantial privileges to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server...

7.2 CVSS | 7.6 AI score | 0.02284 EPSS
Exploits: 1

The Hacker News
added 2024/09/21 2:39 p.m. | 40 views

Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks

A hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a...

10 CVSS | 10 AI score | 0.94457 EPSS
Exploits: 57

The Hacker News
added 2023/08/17 5:10 a.m. | 86 views

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 (CVSS score: 9.8), the...

9.8 CVSS | 10 AI score | 0.94389 EPSS
Exploits: 18

Prion
added 2020/12/03 4:15 p.m. | 12 views

Unrestricted file upload

OpenClinic version 0.8.2 is affected by a medical/testnew.php insecure file upload vulnerability. This vulnerability allows authenticated users with substantial privileges to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server...

6.5 CVSS | 7.3 AI score | 0.02284 EPSS
Exploits: 1 | References: 1 | Affected Software: 1

Cvelist
added 2020/12/03 3:59 p.m. | 14 views

CVE-2020-28939

OpenClinic version 0.8.2 is affected by a medical/testnew.php insecure file upload vulnerability. This vulnerability allows authenticated users with substantial privileges to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server...

7.3 AI score | 0.02284 EPSS
Exploits: 1 | References: 1