Code injection
SugarCRM CE <= 6.3.1 contains scripts that use "unserialize" with user-controlled input, which allows remote attackers to execute arbitrary PHP code...
CVE-2015-9499
The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive...
Code injection
CVE-2015-9499
CVE-2015-9499 affects the WordPress ShowBiz Pro plugin (≤ 1.7.1). The linked exploit template describes an authenticated arbitrary file upload to the WordPress admin endpoint (admin-ajax.php) that can upload a PHP file (for example inside a ZIP archive) and lead to remote code execution. Impact described: full server...
WBCE CMS File Rename Filter Bypass Vulnerability
WBCE CMS is an open source content management system (CMS) based on PHP and MySQL. A security vulnerability exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. An attacker can exploit it to rename a media file's name and extension and thereby execute arbitrary PHP...
CVE-2019-17613
qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Alternatively, the attacker can access admin/index.php?lfj=jfadmin&action=addjf via CSRF, as demonstrated by a payload in...
Cross site request forgery (csrf)
CVE-2019-17613
CVE-2019-17613 affects qibosoft 7. The vulnerability is due to do/jf.php performing eval on input, enabling remote code execution. An attacker can leverage the Point Introduction Management feature to inject PHP code to be evaluated, or exploit CSRF via admin/index.php?lfj=jfadmin&action=addjf (p...
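For the CSRF path in the qibosoft entry, the admin action is reachable from a third-party page because nothing ties the request to the administrator's own session. The Python below is an added example, not qibosoft code: it issues a token bound to the session and to the specific action, verifies it in constant time with an expiry, and adds an Origin/Referer check as a second layer. The secret, session ids, action name, TTL and headers are constructed for illustration; a real deployment keeps the key in server configuration. None of this makes eval on request data safe; the token only stops a cross-site page from driving the action.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets
import time
from urllib.parse import urlsplit

# Assumed per-deployment key; generated here so the example runs stand-alone.
SECRET = secrets.token_bytes(32)
TTL = 3600  # seconds a token stays valid (assumed)


def issue_csrf_token(session_id: str, action: str, now: int | None = None) -> str:
    """Token = timestamp + HMAC(secret, session|action|timestamp).

    Binding the action name means a token stolen from one form (e.g. a harmless
    profile page) cannot be replayed against a different admin action."""
    ts = str(int(time.time()) if now is None else now)
    msg = f"{session_id}|{action}|{ts}".encode()   # assumes session ids contain no '|'
    mac = hmac.new(SECRET, msg, hashlib.sha256).hexdigest()
    return f"{ts}.{mac}"


def verify_csrf_token(token: str, session_id: str, action: str, now: int | None = None) -> bool:
    """Recompute the MAC for this session and action; compare in constant time; enforce TTL."""
    try:
        ts, mac = token.split(".", 1)
        ts_int = int(ts)
    except ValueError:
        return False
    current = int(time.time()) if now is None else now
    if not (0 <= current - ts_int <= TTL):
        return False
    expected = hmac.new(SECRET, f"{session_id}|{action}|{ts}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, mac)


def same_origin(headers: dict[str, str], site_origin: str) -> bool:
    """Second layer: a cross-site form post carries the attacker's Origin (or Referer)."""
    origin = headers.get("Origin")
    if origin is None:
        ref = headers.get("Referer")
        if ref is None:
            return False  # assumption: fail closed when neither header is present
        p = urlsplit(ref)
        origin = f"{p.scheme}://{p.netloc}"
    return origin == site_origin


def authorize_admin_action(headers: dict[str, str], form: dict[str, str], session_id: str,
                           action: str, site_origin: str, now: int | None = None) -> bool:
    """Gate a state-changing admin request: both checks must pass before the handler runs."""
    token = form.get("csrf_token", "")
    return same_origin(headers, site_origin) and verify_csrf_token(token, session_id, action, now)
```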
CVE-2019-17575
A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. For example: place PHP code in a .jpg file, and then change the file's base name to filename.p...
Code injection
CVE-2019-17490
app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge aka jnoj 0.8.0 allows arbitrary file upload, as demonstrated by PHP code with a .php filename but the image/png content type to the web/polygon/problem/tests URI...
Design/Logic Flaw
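The three upload and rename bugs above (ShowBiz Pro's PHP file inside a ZIP, WBCE's rename to a .php extension, jnoj's .php name sent with an image/png Content-Type) share one root cause: the server decides what a file is from something the client controls. The Python below is an added example and not code from any of the listed projects. It validates a name against an extension allowlist (refusing an executable extension anywhere in the chain, not just at the end), checks the leading bytes instead of the Content-Type header, inspects ZIP members before extraction, and re-runs the same checks on a rename. The extension and magic-byte tables, the function names and the sample files are assumptions for illustration.

```python
from __future__ import annotations

import io
import posixpath
import zipfile

# Extensions that common PHP deployments execute (assumed list; extend for your handler config).
EXECUTABLE_EXTS = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps", "pht"}
# What this hypothetical media endpoint accepts from a browser upload.
ALLOWED_EXTS = {"jpg", "jpeg", "png", "gif", "zip"}
# What may appear inside an uploaded archive (no nested archives).
ARCHIVE_MEMBER_EXTS = ALLOWED_EXTS - {"zip"}
# Leading bytes checked instead of the client-supplied Content-Type.
MAGIC = {
    "jpg": b"\xff\xd8\xff",
    "jpeg": b"\xff\xd8\xff",
    "png": b"\x89PNG\r\n\x1a\n",
    "gif": b"GIF8",
    "zip": b"PK\x03\x04",
}


def safe_name(name: str, allowed: set[str]) -> bool:
    """Accept only a bare file name whose last extension is allowed and whose
    extension chain contains no executable extension.

    Looking at the last extension alone misses 'shell.php.jpg' on servers that
    dispatch on the first recognised extension, and a rename handler that
    validates the new base name but not the new extension (the WBCE case)
    turns 'cover.jpg' into 'cover.php'."""
    if any(ord(c) < 32 for c in name):        # NUL / control bytes used to truncate names
        return False
    base = posixpath.basename(name.replace("\\", "/"))
    if base != name or base in ("", ".", ".."):
        return False                           # separators or traversal in the name
    parts = base.lower().split(".")
    if len(parts) < 2 or "" in parts:
        return False                           # no extension, dotfile (.htaccess) or trailing dot
    exts = parts[1:]
    if any(e in EXECUTABLE_EXTS for e in exts):
        return False
    return exts[-1] in allowed


def unsafe_zip_members(data: bytes) -> list[str]:
    """Return the member names that must not be extracted (empty list = archive is clean)."""
    bad: list[str] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            name = info.filename.replace("\\", "/")
            norm = posixpath.normpath(name)
            if name.startswith("/") or norm == ".." or norm.startswith("../") or ":" in name:
                bad.append(info.filename)      # zip-slip: absolute path or escapes the target dir
                continue
            member = posixpath.basename(norm)
            if not safe_name(member, ARCHIVE_MEMBER_EXTS):
                bad.append(info.filename)      # e.g. theme/shell.php
                continue
            ext = member.lower().rsplit(".", 1)[-1]
            if not zf.read(info).startswith(MAGIC[ext]):
                bad.append(info.filename)      # image name, non-image content
    return bad


def validate_upload(filename: str, data: bytes) -> tuple[bool, str]:
    """Decide whether an upload may be stored under its requested name."""
    if not safe_name(filename, ALLOWED_EXTS):
        return False, "rejected filename"
    ext = filename.lower().rsplit(".", 1)[-1]
    if not data.startswith(MAGIC[ext]):
        return False, "content does not match extension"
    if ext == "zip":
        try:
            bad = unsafe_zip_members(data)
        except zipfile.BadZipFile:
            return False, "corrupt archive"
        if bad:
            return False, "unsafe archive members: " + ", ".join(bad)
    return True, "ok"


def validate_rename(old_name: str, new_name: str) -> bool:
    """A rename endpoint re-runs the upload checks on the new name and refuses to change the extension."""
    if not (safe_name(old_name, ALLOWED_EXTS) and safe_name(new_name, ALLOWED_EXTS)):
        return False
    return old_name.lower().rsplit(".", 1)[-1] == new_name.lower().rsplit(".", 1)[-1]


def build_zip(members: dict[str, bytes]) -> bytes:
    """Build a ZIP in memory; used only to construct sample input for the checks above."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in members.items():
            zf.writestr(name, content)
    return buf.getvalue()
```

Store accepted files under a server-generated name in a directory where the web server does not execute scripts; the checks above reduce what reaches that directory, they do not replace that configuration.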
CVE-2019-17370
OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheckFiledeal.php blocks "into outfile" in a SELECT statement, but does not block the "into/**/outfile" manipulation (MySQL treats the empty inline comment as whitespace, so the statement still executes). Therefore, the attacker can create a .php file...
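The OTCMS entry is the standard lesson about substring blocklists: MySQL reads into/**/outfile as into outfile, so a filter on the literal string is bypassed, and the same holds for tabs and newlines between the keywords, for /*!50000 ... */ version comments (whose body MySQL executes) and for INTO DUMPFILE. The Python below is an added example, not OTCMS code; it compares the naive check with one that normalises comments and whitespace before matching. The query strings are constructed samples. Even the normalised filter is only defence in depth: the control that actually stops file writes is a database account without the FILE privilege and secure_file_priv pointing outside the web root.

```python
from __future__ import annotations

import re


def naive_blocks_outfile(query: str) -> bool:
    """The kind of check the advisory describes: a literal substring match on the raw statement."""
    return "into outfile" in query.lower()


# MySQL executes the body of /*!NNNNN ... */ version comments, so keep their contents.
_VERSION_COMMENT = re.compile(r"/\*!\d{0,6}\s?(.*?)\*/", re.S)
_BLOCK_COMMENT = re.compile(r"/\*.*?\*/", re.S)          # /**/ and /* ... */ are just whitespace
_LINE_COMMENT = re.compile(r"(--\s|#).*?$", re.M)        # '-- ' and '#' run to end of line
_WS = re.compile(r"\s+")


def normalize_sql(query: str) -> str:
    """Collapse everything an attacker can vary without changing what the server runs."""
    q = _VERSION_COMMENT.sub(r"\1", query)
    q = _BLOCK_COMMENT.sub(" ", q)       # into/**/outfile -> into outfile
    q = _LINE_COMMENT.sub(" ", q)
    q = q.replace("\x00", "")
    return _WS.sub(" ", q).strip().lower()


# INTO DUMPFILE writes a file just like INTO OUTFILE (and is the usual way to drop a binary).
_FILE_WRITE = re.compile(r"\binto\s+(?:outfile|dumpfile)\b")


def normalized_blocks_outfile(query: str) -> bool:
    """Match on the normalised form, so comment and whitespace tricks no longer help."""
    return bool(_FILE_WRITE.search(normalize_sql(query)))


def classify(query: str) -> dict[str, bool]:
    """Both verdicts side by side for one statement."""
    return {"naive": naive_blocks_outfile(query), "normalized": normalized_blocks_outfile(query)}
```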
SugarCRM Contacts Module SQL Injection Vulnerability
SugarCRM is open source customer relationship management software. A SQL injection vulnerability exists in the Contacts module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit this vulnerability to inject custom PHP code...
SugarCRM PHP code injection vulnerability (CNVD-2019-34428)
SugarCRM is open source customer relationship management software. A PHP code injection vulnerability exists in the EmailMan module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...
SugarCRM PHP code injection vulnerability (CNVD-2019-34421)
SugarCRM is open source customer relationship management software. A PHP code injection vulnerability exists in the MergeRecords module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to execute arbitrary code...
SugarCRM SQL Injection Vulnerability
SugarCRM is open source customer relationship management software. A SQL injection vulnerability exists in the email module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to inject custom PHP code...
SugarCRM Configurator Module Directory Traversal Vulnerability
SugarCRM is open source customer relationship management software. A directory traversal vulnerability exists in the Configurator module of SugarCRM. The vulnerability stems from a lack of input validation. An attacker can exploit the vulnerability to inject custom PHP code...