7195 matches found
Duplicate
This advisory duplicates another...
Cowidgets – Elementor Addons <= 1.1.1 - Authenticated (Contributor+) Local File Inclusion
Description The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.1 via the 'itemstyle' and 'style' parameters. This makes it possible for authenticated attackers, with Contributor-level access and above, to include a...
Remote code execution in web server context
User with administrative privileges and upload files that look like images but contain PHP code which can then be executed in the context of the web server...
Insecure Deserialization
typo3/cms-form is vulnerable to Insecure Deserialization. The vulnerability is due to the PECL package "yaml" with the PHP setting yml.decodephp enabled, which allows an attacker to deserialize arbitrary YAML to PHP code. An attacker must have a valid backend user account as well yaml.decodephp...
CVE-2024-5348 Elements For Elementor <= 2.1 - Authenticated (Contributor+) Local File Inclusion via Multiple Widget Attributes
The Elements For Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.1 via the 'beforeafterlayout' attribute of the beforeafter widget, the 'eventsgridlayout' attribute of the eventsgrid and list widgets, the 'marqueelayout' attribute of th...
CVE-2024-5345
CVE-2024-5345 affects the WordPress plugin Responsive Owl Carousel for Elementor. The vulnerability is a Local File Inclusion (LFI) in all versions up to 1.2.0, exploitable via the layout parameter. Authenticated attackers with Contributor-level access and above can cause the server to include an...
CVE-2024-5345 Responsive Owl Carousel for Elementor <= 1.2.0 - Local File Inclusion
The Responsive Owl Carousel for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.2.0 via the layout parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary...
ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)
Exploit Title : ElkArte Forum 1.1.9 - Remote Code Execution RCE Authenticated Date: 2024-5-24 Exploit Author: tmrswrr Category: Webapps Vendor Homepage: https://www.elkarte.net/ Software Link : https://github.com/elkarte/Elkarte/releases/download/v1.1.9/ElkArtev1-1-9install.zip Version : 1.1.9 1...
Content Blocks (Custom Post Widget) < 3.3.1 - Authenticated (Contributor+) Local File Inclusion via Shortcode
Description The Content Blocks Custom Post Widget plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the plugin's 'contentblock' shortcode. This makes it possible for authenticated attackers, with contributor-level access and above, to inclu...
Code injection in the way Symfony implements translation caching in FrameworkBundle
When investigating issue 11093, Jeremy Derussé found a serious code injection issue in the way Symfony implements translation caching in FrameworkBundle. - Your Symfony application is vulnerable if you meet the following conditions: - You are using the Symfony translation system from...
GHSA-WFV7-5X33-V22H Code injection in the way Symfony implements translation caching in FrameworkBundle
When investigating issue 11093, Jeremy Derussé found a serious code injection issue in the way Symfony implements translation caching in FrameworkBundle. - Your Symfony application is vulnerable if you meet the following conditions: - You are using the Symfony translation system from...
UBUNTU-CVE-2024-35226
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...
CVE-2024-35226 PHP Code Injection by malicious attribute in extends-tag in Smarty
Smarty is a template engine for PHP, facilitating the separation of presentation HTML/CSS from application logic. In affected versions template authors could inject php code by choosing a malicious file name for an extends-tag. Sites that cannot fully trust template authors should update asap. Al...
Exploit for OS Command Injection in Dolibarr Dolibarr_Erp\/Crm
POC exploit for Dolibarr example: python3 exploit.py http...
CVE-2024-5407
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...
CVE-2024-5407
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...
CVE-2024-5407
CVE-2024-5407 affects RhinOS 3.0-1190. A PHP code injection via the search parameter in /portal/search.htm is described, enabling a remote attacker to run a reverse shell and thereby compromise the entire infrastructure. Concrete details from connected sources specify the vulnerable component (Rh...
CVE-2024-5407 Code Injection vulnerability in RhinOS from SaltOS
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...
CVE-2024-5407 Code Injection vulnerability in RhinOS from SaltOS
A vulnerability in RhinOS 3.0-1190 could allow PHP code injection through the "search" parameter in /portal/search.htm. This vulnerability could allow a remote attacker to perform a reverse shell on the remote system, compromising the entire infrastructure...
PT-2024-36021 · Rhinos · Rhinos
Name of the Vulnerable Software and Affected Versions: RhinOS versions 3.0-1190 Description: A vulnerability could allow PHP code injection through the "search" parameter in /portal/search.htm, enabling a remote attacker to perform a reverse shell on the remote system and compromise the entire...