
7202 matches found

Cvelist
added 2021/08/26 2:47 a.m. · 13 views

CVE-2020-19822

A remote code execution (RCE) vulnerability in templateuser.php of ZZCMS version 2018 allows attackers to execute arbitrary PHP code via the "ml" and "title" parameters...

AI score: 7.6 · EPSS: 0.0343
Exploits: 1 · References: 2
Positive Technologies
added 2021/08/26 12:0 a.m. · 2 views

PT-2021-10414 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2018 Description: A remote code execution issue in the template user.php file allows attackers to execute arbitrary PHP code. This is achieved via the ml and title parameters. Recommendations: For ZZCMS version 2018, consider...

CVSS: 7.2 · AI score: 7.6 · EPSS: 0.0343
Exploits: 1 · References: 4
CNVD
added 2021/08/26 12:0 a.m. · 12 views

D-Link DIR-816 Command Execution Vulnerability (CNVD-2021-67516)

The D-Link DIR-816 is a wireless router from D-Link, Taiwan, China. The D-Link DIR-816 has a security vulnerability that could be exploited by attackers to execute arbitrary PHP code via the typename parameter...

CVSS: 9.8 · AI score: 6.2 · EPSS: 0.18008
Exploits: 1 · References: 1
CNVD
added 2021/08/25 12:0 a.m. · 18 views

DedeCMS arbitrary PHP code execution vulnerability (CNVD-2021-94947)

DedeCMS Weaving Dream Content Management System is an open source content management system that is simple, robust, flexible, and open source. An arbitrary PHP code execution vulnerability exists in the plus/search.php component of DedeCMS 5.7 SP2. The vulnerability stems from the contents of...

CVSS: 8.8 · AI score: 3.4 · EPSS: 0.00203
Exploits: 1 · References: 1
Prion
added 2021/08/24 8:15 p.m. · 17 views

Code injection

The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control...

CVSS: 6.8 · AI score: 8.9 · EPSS: 0.00203
Exploits: 1 · References: 1 · Affected Software: 1
Cvelist
added 2021/08/24 7:34 p.m. · 20 views

CVE-2020-18917

The plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control...

AI score: 9 · EPSS: 0.00203
Exploits: 1 · References: 1
CNVD
added 2021/08/24 12:0 a.m. · 114 views

flatCore remote code execution vulnerability

flatCore is a PHP and SQLite based Web Content Management System (CMS). flatCore version 2.0.7 is vulnerable to remote code execution. An attacker can exploit the vulnerability to execute arbitrary PHP code by uploading the addon plugin...

CVSS: 9 · AI score: 5.7 · EPSS: 0.16897
Exploits: 4 · References: 1
BDU FSTEC
added 2021/08/24 12:0 a.m. · 0 views

The vulnerability of the File Manager plugin (wp-file-manager) of the WordPress content management system allows a hacker to execute arbitrary PHP code on the target system.

The vulnerability of the File Manager plugin wp-file-manager in the WordPress content management system is related to the ability to download files of a dangerous type without limitation. Exploiting this vulnerability allows a malicious actor to execute any PHP code on the target system remotely...

CVSS: 10 · EPSS: 0.94411
Exploits: 13 · References: 10 · Affected Software: 1
OSV
added 2021/08/23 9:15 p.m. · 15 views

CVE-2021-39608

Remote Code Execution (RCE) vulnerability exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user execute arbitrary PHP code...

CVSS: 7.2 · AI score: 7.7
Exploits: 0 · References: 2
Prion
added 2021/08/23 9:15 p.m. · 17 views

Remote code execution

Remote Code Execution (RCE) vulnerability exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user execute arbitrary PHP code...

CVSS: 9 · AI score: 7.2 · EPSS: 0.16897
Exploits: 4 · References: 2 · Affected Software: 1
Cvelist
added 2021/08/23 8:28 p.m. · 13 views

CVE-2021-39608

Remote Code Execution (RCE) vulnerability exists in FlatCore-CMS 2.0.7 via the upload addon plugin, which could let a remote malicious user execute arbitrary PHP code...

AI score: 7.5 · EPSS: 0.16897
Exploits: 4 · References: 2
Exploit DB
added 2021/08/23 12:0 a.m. · 300 views

Online Traffic Offense Management System 1.0 - Remote Code Execution (RCE) (Unauthenticated)

Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 20-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...

AI score: 7.4
Exploits: 0
0day.today
added 2021/08/23 12:0 a.m. · 149 views

Online Traffic Offense Management System 1.0 - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution RCE Unauthenticated Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...

AI score: 0.6
Exploits: 0
Packet Storm
added 2021/08/23 12:0 a.m. · 377 views

Online Traffic Offense Management System 1.0 Remote Code Execution

Exploit Title: Online Traffic Offense Management System 1.0 - Remote Code Execution RCE Unauthenticated Date: 20-08-2021 Exploit Author: Halit AKAYDIN hLtAkydn Vendor Homepage: https://www.sourcecodester.com Software Link:...

Exploits: 0
Prion
added 2021/08/17 7:15 p.m. · 21 views

Remote code execution

A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file...

CVSS: 7.5 · AI score: 9.8 · EPSS: 0.03365
Exploits: 1 · References: 2 · Affected Software: 1
Cvelist
added 2021/08/17 6:52 p.m. · 12 views

CVE-2020-22937

A remote code execution (RCE) in e/install/index.php of EmpireCMS 7.5 allows attackers to execute arbitrary PHP code via writing malicious code to the install file...

AI score: 10 · EPSS: 0.03365
Exploits: 1 · References: 2
Exploit DB
added 2021/08/16 12:0 a.m. · 283 views

Simple Water Refilling Station Management System 1.0 - Remote Code Execution (RCE) through File Upload

Exploit Title: Simple Water Refilling Station Management System 1.0 - Remote Code Execution RCE through File Upload Exploit Author: Matt Sorrell Date: 2021-08-14 Vendor Homepage: https://www.sourcecodester.com Software Link:...

AI score: 7.4
Exploits: 0
OSV
added 2021/08/12 10:15 p.m. · 9 views

CVE-2021-31731

A directory traversal issue in KiteCMS 1.1.1 allows remote administrators to overwrite arbitrary files via ../ in the path parameter to index.php/admin/Template/fileedit, with PHP code in the html parameter...

CVSS: 6.5 · AI score: 7.5
Exploits: 0 · References: 1
Veracode
added 2021/08/11 8:27 a.m. · 10 views

OS Command Injection

topthink/think is vulnerable to OS command injection. An attacker is able to inject malicious PHP code via /library/think/App.php...

CVSS: 9.8 · AI score: 4.2 · EPSS: 0.02228
Exploits: 1 · References: 2 · Affected Software: 1
OSV
added 2021/08/09 8:39 p.m. · 23 views

GHSA-CH3R-VP46-8G22 Code injection in topthink/think

A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code...

CVSS: 9.8 · AI score: 9.9 · EPSS: 0.02228
Exploits: 1 · References: 3