CVE-2019-10647

Affected software : ZZZCMS zzzphp v1.6.3. Vulnerability : Remote code execution via a crafted URL in plugins/ueditor/php/controller.php?action=catchimage, due to lack of restrictions in inc/zzz_file.php. Example payloads can cause the server to process PHP code as text. Impact : Attacker can exec...

Design/Logic Flaw

baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BGSITENAME field in the optbase.inc.php file...

Design/Logic Flaw

Maccms 10 allows remote attackers to execute arbitrary PHP code by entering this code in a template/defaultpc/html/art Edit action. This occurs because template rendering uses an include operation on a cache file, which bypasses the prohibition of .php files as templates...

Maccms Arbitrary PHP Code Execution Vulnerability

Maccms is a PHP-based content management system CMS for film and television. A code injection vulnerability exists in Maccms version 10. A remote attacker can exploit this vulnerability to inject and execute arbitrary PHP code...

CVE-2019-9825

FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature...

Views (for Drupal 7) - Moderately critical - Information Disclosure - SA-CONTRIB-2019-034

This module enables you to create customized lists of data. The module doesn't sufficiently protect against argument definitions failing. This vulnerability is mitigated by the fact that a view must have custom PHP code used as a field validator...

Simple Machines Forum (SMF) <= 2.0.4 Multiple Vulnerabilities

Simple Machines Forum SMF is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Code injection

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...

CVE-2019-9652

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...

CVE-2019-9651

An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the checkbad function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions such as "eval" are blocked but others such as "system" are not, and...

CVE-2019-9652

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...

CVE-2019-9651

CVE-2019-9651 pertains to SDCMS v1.7, where the check_bad() filtering in the file \app\admin\controller\themecontroller.php is insufficiently strict. This allows PHP code execution because dangerous functions (e.g., eval) are blocked while others (e.g., system) are not, and because blocking ".php...

CVE-2019-9652

SDCMS V1.7 contains a CSRF leading to PHP code injection via an m=admin&c=theme&a=edit request. The vulnerable component is the file handling (filename via the file parameter and content via t2), enabling remote code execution within the CMS. Concrete details across sources confirm the attack vec...

CVE-2019-9651

An issue was discovered in SDCMS V1.7. In the \app\admin\controller\themecontroller.php file, the checkbad function's filtering is not strict, resulting in PHP code execution. This occurs because some dangerous PHP functions such as "eval" are blocked but others such as "system" are not, and...

CVE-2019-9652

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...

Simple Machines Forum Code Injection Vulnerability

Simple Machines Forum SMF is an open source web forum system by the SMF team in the United States. A security vulnerability exists in SMF version 2.0.4. An attacker can exploit the vulnerability to inject PHP code with the help of the 'dictionary' parameter...

CVE-2019-9185

Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension...

CVE-2019-9185

Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension...

CVE-2013-7468

Simple Machines Forum SMF 2.0.4 allows PHP Code Injection via the index.php?action=admin;area=languages;sa=editlang dictionary parameter...

Code injection

Controller/Async/FilesystemManager.php in the filemanager in Bolt before 3.6.5 allows remote attackers to execute arbitrary PHP code by renaming a previously uploaded file to have a .php extension...