ExpressionEngine 6.0.2 PHP Code Injection Vulnerability
ExpressionEngine security-sanitizefilename$file; 366. 367. $destdir = $this->languagesdir . $language . '/'; 368. $filename = $file . '_lang.php'; 369. $destloc = $destdir . $filename; 370. 371. $str = 'lang-loadfile$file;...
CVE-2021-27230
ExpressionEngine before 5.4.2 and 6.x before 6.0.3 allows PHP Code Injection by certain authenticated users who can leverage Translate::save to write to an _lang.php file under the system/user/language directory...
CVE-2021-27230
ExpressionEngine prior to 5.4.2 and 6.x prior to 6.0.3 is affected by a PHP code injection vulnerability. Authenticated users able to invoke Translate::save() can write to an _lang.php file under system/user/language, enabling arbitrary PHP execution. Root cause: Translate::save() path handling a...
GHSA-3RPF-5RQV-689Q PHP Code Injection by malicious function name in smarty
Template authors could inject PHP code by choosing a malicious function name. Sites that cannot fully trust template authors should update as soon as possible. Please upgrade to 3.1.39 or higher...
PHP Code Injection by malicious function name in smarty
Template authors could inject PHP code by choosing a malicious function name. Sites that cannot fully trust template authors should update as soon as possible. Please upgrade to 3.1.39 or higher...
NeDi PHP Code Injection Vulnerability
NeDi is an open source software tool that discovers, maps and inventories network devices and tracks connected end nodes. NeDi 1.9C suffers from a PHP code injection vulnerability. The vulnerability can be exploited to inject PHP code into the System Files function of endpoint /System-Files.php v...
NeDi <= 1.9C, 2.0 Multiple Vulnerabilities
NeDi is prone to multiple vulnerabilities. Copyright (C) 2021 Greenbone Networks GmbH.
CVE-2021-26753
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data...
CVE-2021-26753
CVE-2021-26753 affects NeDi 1.9C. An authenticated user can inject PHP code via the txt HTTP POST parameter to /System-Files.php, enabling code execution and access to the underlying OS and all application data. Connected sources confirm the vulnerability details; no remediation steps are provide...
Nedi Consulting NeDi Code Injection Vulnerability
NeDi is an open source software tool that discovers, maps and inventories network devices and tracks connected end nodes. NeDi 1.9C suffers from a PHP code injection vulnerability. The vulnerability can be exploited to inject PHP code into the System Files function of endpoint /System-Files.php v...
Smarty_Internal_Runtime_TplFunction Sandbox Escape PHP Code Injection
More info at https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html...
template_object Sandbox Escape PHP Code Injection
More info at https://srcincite.io/blog/2021/02/18/smarty-template-engine-multiple-sandbox-escape-vulnerabilities.html...
CVE-2020-35131
Affected software: Cockpit CMS prior to 0.6.1. The vulnerability is a code execution flaw caused by insecure handling of registerCriteriaFunction in lib/MongoLite/Database.php, enabling an attacker to inject PHP through crafted JSON values to /auth/check or /auth/requestreset. Impact is remote, unauth...
PT-2021-11714 · Cockpit · Cockpit
Name of the Vulnerable Software and Affected Versions: Cockpit versions prior to 0.6.1 Description: The issue allows an attacker to inject custom PHP code and achieve Remote Command Execution via the registerCriteriaFunction in lib/MongoLite/Database.php. This can be demonstrated by sending value...
CVE-2020-25557
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username and password. After that, when the attacker logs in to the application, the attacker's code will be run. As a result of this vulnerability, an authenticated user can run commands on the server...
CVE-2020-25557
CMSUno 1.6.2 is affected by a code-injection vulnerability where an attacker can inject PHP code via the username field while changing their username/password. When the attacker logs in, the injected code executes, enabling an authenticated user to run commands on the server. Public advisories (e...
CVE-2020-25557
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username and password. After that, when the attacker logs in to the application, the attacker's code will be run. As a result of this vulnerability, an authenticated user can run commands on the server. Recent...
PT-2020-16109 · Cmsuno · Cmsuno
Name of the Vulnerable Software and Affected Versions: CMSuno version 1.6.2 Description: The issue allows an attacker to inject malicious PHP code as a username while changing their username and password. After the attacker logs in to the application, their code will be executed, enabling an...