7194 matches found

Vulnrichment
added 2025/07/23 1:53 p.m. · 3 views

CVE-2015-10141 Xdebug Remote Debugger Unauthenticated OS Command Execution

An unauthenticated OS command injection vulnerability exists within Xdebug versions 2.5.5 and earlier, a PHP debugging extension developed by Derick Rethans. When remote debugging is enabled, Xdebug listens on port 9000 and accepts debugger protocol commands without authentication. An attacker ca...

CVSS 9.3 · AI score 7.9 · EPSS 0.65707
Exploits 0 · References 6
Vulnrichment
added 2025/07/23 1:50 p.m. · 2 views

CVE-2018-25114 osCommerce 2.3.4.1 Installer Unauthenticated Configuration File Injection PHP Code Execution

A remote code execution vulnerability exists within osCommerce Online Merchant version 2.3.4.1 due to insecure default configuration and missing authentication in the installer workflow. By default, the /install/ directory remains accessible after installation. An unauthenticated attacker can...

CVSS 9.3 · AI score 7.8 · EPSS 0.78786
Exploits 0 · References 4
CNNVD
added 2025/07/23 12:00 a.m. · 1 view

Xdebug Security Vulnerability

Xdebug is an extension for debugging and analyzing PHP code from the Xdebug open source. A security vulnerability exists in Xdebug 2.5.5 and earlier versions, which stems from unauthenticated OS command injection and could lead to the execution of arbitrary PHP code...

CVSS 9.3 · AI score 7.6 · EPSS 0.65707
Exploits 0 · References 7
Positive Technologies
added 2025/07/21 12:00 a.m. · 5 views

PT-2025-31592 · Packagist · Dolibarr/Dolibarr

Summary: The Dolibarr backend provides a function for adding a Menu and supports setting permissions on the added Menu; this is the trigger point of the vulnerability. The submitted permission can be PHP code, which is executed when the created Menu is viewed: - htdocs/admin/menus/edit.php As...

CVSS 8.8 · AI score 8.8
Exploits 0 · References 5
RedhatCVE
added 2025/07/17 1:57 p.m. · 3 views

CVE-2025-34113

An authenticated command injection vulnerability exists in Tiki Wiki CMS versions ≤14.1, ≤12.4 LTS, ≤9.10 LTS, and ≤6.14 via the viewmode GET parameter in tiki-calendar.php. When the calendar module is enabled and an authenticated user has permission to access it, an attacker can inject and execu...

CVSS 8.7 · AI score 8 · EPSS 0.64391
Exploits 0 · References 1
RedhatCVE
added 2025/07/17 1:57 p.m. · 3 views

CVE-2025-34104

An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior to 3.0.3 via the plugin upload mechanism. In vulnerable versions, an authenticated user with Superuser privileges can upload and activate a malicious plugin ZIP archive, leading to arbitrary PHP code...

CVSS 9.4 · AI score 7.4 · EPSS 0.7356
Exploits 0 · References 1
Debian CVE
added 2025/07/15 1:06 p.m. · 3 views

CVE-2025-34104

An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior to 3.0.3 via the plugin upload mechanism. In vulnerable versions, an authenticated user with Superuser privileges can upload and activate a malicious plugin ZIP archive, leading to arbitrary PHP code...

CVSS 9.4 · AI score 6.6 · EPSS 0.7356
Exploits 0
Vulnrichment
added 2025/07/15 1:06 p.m. · 2 views

CVE-2025-34104 Piwik Authenticated RCE via Custom Plugin Upload

An authenticated remote code execution vulnerability exists in Piwik (now Matomo) versions prior to 3.0.3 via the plugin upload mechanism. In vulnerable versions, an authenticated user with Superuser privileges can upload and activate a malicious plugin ZIP archive, leading to arbitrary PHP code...

CVSS 9.4 · AI score 8 · EPSS 0.7356
Exploits 0 · References 5
RedhatCVE
added 2025/07/14 10:15 a.m. · 8 views

CVE-2020-36847

The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the...

CVSS 9.8 · AI score 7.7 · EPSS 0.89304
Exploits 5 · References 1
VulnCheck KEV
added 2025/07/13 12:00 a.m. · 11 views

VulnCheck KEV: CVE-2020-27387

An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker with access to the FileManager to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload which will receiv...

CVSS 8.8 · AI score 6.1 · EPSS 0.70322
In wild · Exploits 4 · References 2
RedhatCVE
added 2025/07/12 7:24 p.m. · 6 views

CVE-2025-34097

An unrestricted file upload vulnerability exists in ProcessMaker versions prior to 3.5.4 due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file containing arbitrary PHP code. Upon installation, the plugin’s install...

CVSS 8.8 · AI score 8.5 · EPSS 0.56656
Exploits 4 · References 1
CVE
added 2025/07/12 9:24 a.m. · 37 views

CVE-2020-36847

CVE-2020-36847 affects the WordPress Simple File List plugin (versions ≤ 4.2.2). The vulnerability is Remote Code Execution via the plugin’s file-renaming flow (rename of uploaded PHP disguised as PNG to PHP), allowing unauthenticated code execution on the server. Affected component: Simple File ...

CVSS 9.8 · AI score 7.7 · EPSS 0.89304
Exploits 5 · References 5 · Affected Software 1
NVD
added 2025/07/10 8:15 p.m. · 4 views

CVE-2025-34097

An unrestricted file upload vulnerability exists in ProcessMaker versions prior to 3.5.4 due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file containing arbitrary PHP code. Upon installation, the plugin’s install...

CVSS 8.6 · EPSS 0.56656
Exploits 3 · References 6
Cvelist
added 2025/07/10 7:12 p.m. · 10 views

CVE-2025-34097 ProcessMaker < 3.5.4 Authenticated Plugin Upload RCE

An unrestricted file upload vulnerability exists in ProcessMaker versions prior to 3.5.4 due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file containing arbitrary PHP code. Upon installation, the plugin’s install...

CVSS 8.6 · EPSS 0.56656
Exploits 3 · References 6
Vulnrichment
added 2025/07/10 7:12 p.m. · 3 views

CVE-2025-34097 ProcessMaker < 3.5.4 Authenticated Plugin Upload RCE

An unrestricted file upload vulnerability exists in ProcessMaker versions prior to 3.5.4 due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file containing arbitrary PHP code. Upon installation, the plugin’s install...

CVSS 8.6 · AI score 8.4 · EPSS 0.56656
Exploits 3 · References 6
RedhatCVE
added 2025/07/10 5:28 a.m. · 6 views

CVE-2025-7327

The Widget for Google Reviews plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.0.15 via the layout parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary files on the...

CVSS 8.8 · AI score 7.3 · EPSS 0.00927
Exploits 0 · References 1
Positive Technologies
added 2025/07/10 12:00 a.m. · 1 view

PT-2025-29139 · Unknown · Processmaker

Name of the Vulnerable Software and Affected Versions: ProcessMaker versions prior to 3.5.4 Description: An unrestricted file upload vulnerability exists due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file...

CVSS 8.6 · AI score 7.8 · EPSS 0.56656
Exploits 3 · References 11
Veracode
added 2025/07/09 5:38 a.m. · 3 views

Remote Code Execution (RCE)

bolt/bolt is vulnerable to remote code execution (RCE). The vulnerability is due to unsanitized rendering of user-controlled input (PHP code injection in the displayname field) in backend templates, followed by abuse of session file manipulation endpoints, which allows an attacker to create a web shel...

CVSS 8.8 · AI score 7.3 · EPSS 0.67402
Exploits 1 · References 8 · Affected Software 1
NVD
added 2025/07/09 1:15 a.m. · 4 views

CVE-2025-34083

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as it is a duplicate of CVE-2020-36849...

Exploits 1
Vulnrichment
added 2025/07/09 12:50 a.m. · 2 views

CVE-2025-34083

...

AI score 6.5
Exploits 1