
Talos · added 2019/09/03 12:0 a.m. · 89 views

Epignosis eFront LMS PHP deserialization code execution vulnerability

Summary: A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. A specially crafted web request can cause unsafe deserialization, potentially resulting in PHP code being executed. An attacker can send a crafted web parameter to trigger this vulnerability. Tested Versions: Epignosis...

CVSS 8.8 · AI score 9 · EPSS 0.0061 · Exploits 1
OSV · added 2019/08/22 3:15 p.m. · 19 views

CVE-2018-18573

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files e.g., omitting .php and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=newprodu...

CVSS 7.2 · AI score 7.6 · Exploits 0 · References 1
NVD · added 2019/08/22 3:15 p.m. · 11 views

CVE-2018-18573

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files e.g., omitting .php and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=newprodu...

CVSS 7.2 · AI score 7.4 · EPSS 0.02215 · Exploits 0 · References 1
NVD · added 2019/08/22 3:15 p.m. · 14 views

CVE-2018-18572

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions such as .phtml and .php5 didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote...

CVSS 7.2 · AI score 7.3 · EPSS 0.0188 · Exploits 0 · References 1
Prion · added 2019/08/22 3:15 p.m. · 13 views

Code injection

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions such as .phtml and .php5 didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote...

CVSS 6.5 · AI score 7.6 · EPSS 0.0188 · Exploits 0 · References 1 · Affected Software 1
Cvelist · added 2019/08/22 2:34 p.m. · 14 views

CVE-2018-18573

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files e.g., omitting .php and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=newprodu...

AI score 7.4 · EPSS 0.02215 · Exploits 0 · References 1
Cvelist · added 2019/08/22 2:33 p.m. · 18 views

CVE-2018-18572

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions such as .phtml and .php5 didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote...

AI score 7.8 · EPSS 0.0188 · Exploits 0 · References 1
CVE · added 2019/08/22 2:33 p.m. · 60 views

CVE-2018-18572

Summary: CVE-2018-18572 affects osCommerce 2.3.4.1. An incomplete blacklist in the .htaccess on the product page allows remote authenticated administrators to upload files with the .pht extension, bypassing the filter and enabling arbitrary PHP code execution via /catalog/admin/categories.php?cPa...

CVSS 7.2 · AI score 7.5 · EPSS 0.0188 · Exploits 0 · References 1 · Affected Software 1
Prion · added 2019/08/15 4:15 p.m. · 17 views

Directory traversal

wp-admin/admin-ajax.php?action=newslettersexportmultiple in the Tribulant Newsletters plugin before 4.6.19 for WordPress allows directory traversal with resultant remote PHP code execution via the subscribers11 parameter in conjunction with an exportfile=../ value...

CVSS 6.5 · AI score 9.1 · EPSS 0.01546 · Exploits 2 · References 3 · Affected Software 1
NVD · added 2019/08/07 4:15 p.m. · 10 views

CVE-2019-14746

An issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...

CVSS 9.8 · AI score 9.7 · EPSS 0.00477 · Exploits 1 · References 1
CVE · added 2019/08/07 3:4 p.m. · 54 views

CVE-2019-14746

CVE-2019-14746 affects KuaiFanCMS 5.0. The issue is an eval injection vulnerability: an attacker can place PHP code in the install.php db_name parameter and trigger it via a subsequent config.php request, enabling code execution as described. The connected documents confirm this vector and impact...

CVSS 9.8 · AI score 9.5 · EPSS 0.00477 · Exploits 1 · References 1 · Affected Software 1
Cvelist · added 2019/08/07 3:4 p.m. · 10 views

CVE-2019-14746

An issue was discovered in KuaiFanCMS 5.0. It allows eval injection by placing PHP code in the install.php dbname parameter and then making a config.php request...

AI score 9.7 · EPSS 0.00477 · Exploits 1 · References 1
NVD · added 2019/08/07 1:15 p.m. · 9 views

CVE-2016-10802

cPanel before 58.0.4 allows code execution in the context of other user accounts through the PHP CGI handler SEC-142...

CVSS 8.8 · AI score 9 · EPSS 0.00762 · Exploits 0 · References 2
NVD · added 2019/08/02 10:15 p.m. · 9 views

CVE-2019-7932

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary P...

CVSS 7.2 · AI score 7.4 · EPSS 0.00897 · Exploits 0 · References 1
OSV · added 2019/08/02 10:15 p.m. · 11 views

CVE-2019-7871

A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 that could be abused to execute arbitrary PHP code. An authenticated user can bypass security protections that prevent arbitrary PHP script upload via form data injection...

CVSS 8.8 · AI score 7.8 · Exploits 0 · References 1
Cvelist · added 2019/08/02 9:31 p.m. · 13 views

CVE-2019-7932

A remote code execution vulnerability exists in Magento Open Source prior to 1.9.4.2, and Magento Commerce prior to 1.14.4.2, Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. An authenticated user with admin privileges to create sitemaps can execute arbitrary P...

AI score 7.5 · EPSS 0.00897 · Exploits 0 · References 1
ThreatPost · added 2019/07/26 7:13 p.m. · 261 views

Rare Steganography Hack Can Compromise Fully Patched Websites

An unusual steganographic technique that an attacker can use to implant a malicious webshell on unsuspecting websites has been spotted in Latin America. According to research from Trustwave shared exclusively with Threatpost, a forensic investigation showed that an adversary is implanting PHP cod...

AI score 7.4 · Exploits 0 · References 6
NVD · added 2019/07/18 6:15 p.m. · 14 views

CVE-2019-13956

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH40df5language=en to 4gH40df5language=en'.phpinfo.'; if the random prefix 4gH40df5 were used...

CVSS 9.8 · AI score 9.8 · EPSS 0.43409 · Exploits 3 · References 1
Prion · added 2019/07/18 6:15 p.m. · 21 views

Code injection

Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary PHP code via a modified language cookie, as demonstrated by changing 4gH40df5language=en to 4gH40df5language=en'.phpinfo.'; if the random prefix 4gH40df5 were used...

CVSS 7.5 · AI score 9.7 · EPSS 0.43409 · Exploits 3 · References 1 · Affected Software 1
CVE · added 2019/07/18 5:23 p.m. · 94 views

CVE-2019-13956

Discuz!ML versions 3.2–3.4 are affected by a code-injection vulnerability in the language cookie. The root cause is improper handling of the language cookie value, allowing remote attackers to inject and execute arbitrary PHP code (for example via language=en'.phpinfo().');, enabling remote code ...

CVSS 9.8 · AI score 9.7 · EPSS 0.43409 · Exploits 3 · References 1 · Affected Software 1