Lucene search

2595 matches found

Prion
added 2023/01/27 10:15 p.m. · 12 views

Path traversal

There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. A function is called to check that the parameter that the user has inserted does not contain malicious characters, but this check is insufficient. An attacker could insert an absolute path to overcome the check,...

CVSS 7.5 · AI score 9.6 · EPSS 0.00821
Exploits 0 · References 1 · Affected Software 1
NVD
added 2023/01/27 6:15 p.m. · 22 views

CVE-2022-48008

An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 9.8 · AI score 9.6 · EPSS 0.01267
Exploits 1 · References 1
Cvelist
added 2023/01/27 12:00 a.m. · 26 views

CVE-2022-48008

An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers to execute arbitrary code via a crafted PHP file...

AI score 9.8 · EPSS 0.01267
Exploits 1 · References 1
Positive Technologies
added 2023/01/27 12:00 a.m. · 7 views

PT-2023-16334 · Unknown · Sourcecodester Online Tours & Travels Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Tours & Travels Management System version 1.0. Description: A critical issue has been found in the system, affecting an unknown part of the file admin/abc.php. The manipulation of the id argument leads to SQL injection. I...

CVSS 6.3 · AI score 5.9 · EPSS 0.00569
Exploits 1 · References 7
Prion
added 2023/01/20 9:15 p.m. · 13 views

Unrestricted file upload

erohtar/Dasherr is a dashboard for self-hosted services. In affected versions unrestricted file upload allows any unauthenticated user to execute arbitrary code on the server. The file /www/include/filesave.php allows any file to be uploaded to anywhere. If an attacker uploads a php file they ca...

CVSS 7.5 · AI score 9.7 · EPSS 0.01612
Exploits 1 · References 2 · Affected Software 1
The Hacker News
added 2023/01/20 1:35 p.m. · 53 views

Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram

The Russian state-sponsored cyber espionage group known as Gamaredon has continued its digital onslaught against Ukraine, with recent attacks leveraging the popular messaging app Telegram to strike military and law enforcement sectors in the country. "The Gamaredon group's network infrastructure...

AI score 6.9
Exploits 0
CNNVD
added 2023/01/15 12:00 a.m. · 9 views

Discussion-Board SQL injection vulnerability

Discussion-Board is a PHP-based online forum. Discussion-Board suffers from a SQL injection vulnerability that originates in the function displayallreplies in the file functions/main.php, which operates on the parameter str to cause SQL injection...

CVSS 9.8 · AI score 6.6 · EPSS 0.00657
Exploits 0 · References 4
OSV
added 2023/01/10 2:15 p.m. · 19 views

CVE-2022-46610

72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 8.8 · AI score 8.2 · EPSS 0.18087
Exploits 1 · References 1
NVD
added 2023/01/10 2:15 p.m. · 21 views

CVE-2022-46610

72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 8.8 · AI score 9 · EPSS 0.18087
Exploits 1 · References 1
Prion
added 2023/01/10 2:15 p.m. · 19 views

Privilege escalation

72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

CVSS 6.5 · AI score 8.9 · EPSS 0.18087
Exploits 1 · References 1 · Affected Software 1
Cvelist
added 2023/01/10 12:00 a.m. · 27 views

CVE-2022-46610

72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...

AI score 9.2 · EPSS 0.18087
Exploits 1 · References 1
OSV
added 2023/01/09 9:15 a.m. · 24 views

CVE-2021-4310

A vulnerability was found in 01-Scripts 01-Artikelsystem. It has been classified as problematic. Affected is an unknown function of the file 01article.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to launch the attack remotely. The patch is...

CVSS 6.1 · AI score 6.3
Exploits 0 · References 3
Positive Technologies
added 2023/01/05 12:00 a.m. · 4 views

PT-2023-10615 · Unknown · Red Snapper Nview

Name of the Vulnerable Software and Affected Versions: Red Snapper NView, affected versions not specified. Description: A critical vulnerability has been found in Red Snapper NView. This issue affects the mutate function of the file src/Session.php. The manipulation of the session argument leads to...

CVSS 9.8 · AI score 6.6 · EPSS 0.00613
Exploits 0 · References 7
CNNVD
added 2023/01/05 12:00 a.m. · 4 views

eXtplorer cross-site scripting vulnerability

eXtplorer is a PHP-based file manager. A cross-site scripting vulnerability exists in versions prior to eXtplorer 2.1.13, which stems from a problem with some unknown functionality that can lead to cross-site scripting...

CVSS 6.1 · AI score 4.2 · EPSS 0.00616
Exploits 0 · References 5
Huntr
added 2023/01/04 5:10 a.m. · 40 views

Lack of Input Sanitization leads to RCE

Description: This vulnerability occurs because there is no sanitization of user-controlled input during the update configuration process. The input is later written to another .php file, and this could lead to RCE. Proof of Concept: 1. Go to Config, then go to Mail Settings. 2. Change the From Email Addre...

CVSS 6.5 · AI score 8.4 · EPSS 0.32278
Exploits 2 · References 1
CNNVD
added 2022/12/21 12:00 a.m. · 4 views

w2wiki cross-site scripting vulnerability

w2wiki is a web-based wiki-like notepad developed by Steven Frank. A security vulnerability exists in w2wiki, which originates in the toHTML function of the index.php file of the component Markdown Handler, where the parameter query leads to cross-site scripting...

CVSS 6.1 · AI score 5.4 · EPSS 0.00344
Exploits 0 · References 3
Prion
added 2022/12/12 6:15 p.m. · 15 views

Design/Logic Flaw

The Motors WordPress plugin before 1.4.4 does not properly validate uploaded files for dangerous file types such as .php in an AJAX action, allowing an attacker to sign up on a victim's WordPress instance, upload a malicious PHP file and attempt to launch a brute-force attack to discover the...

CVSS 6.5 · AI score 8.7 · EPSS 0.01048
Exploits 2 · References 1 · Affected Software 1
CVE
added 2022/12/12 5:54 p.m. · 62 views

CVE-2022-3989

The Motors WordPress plugin is vulnerable in versions before 1.4.4 due to improper validation of uploaded files for dangerous types (e.g., .php) in an AJAX action. This can allow a user to sign up on a victim WordPress instance, upload PHP payloads, and potentially launch a brute-force/credential...

CVSS 8.8 · AI score 8.8 · EPSS 0.01048
Exploits 2 · References 1 · Affected Software 1
Vulnrichment
added 2022/12/12 5:54 p.m. · 6 views

CVE-2022-3912 User Registration < 2.2.4.1 - Subscriber+ Arbitrary File Upload

The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example...

AI score 7.1 · EPSS 0.00743
Exploits 2 · References 1
CNNVD
added 2022/12/12 12:00 a.m. · 5 views

WordPress plugin Motors code issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers. WordPress plugin is an...

CVSS 8.8 · AI score 7.9 · EPSS 0.01048
Exploits 2 · References 2