2595 matches found
CVE-2022-44384
An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-44384
An arbitrary file upload vulnerability in rconfig v3.9.6 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43192
An arbitrary file upload vulnerability in the component /dede/filemanagecontrol.php of Dedecms v5.7.101 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is related to an incomplete fix for CVE-2022-40886...
CVE-2022-43234
An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...
Revenue Collection System 1.0 SQL Injection / Remote Code Execution
Exploit Title: Revenue Collection System v1.0 - RCE via Unauthenticated SQL Injection Exploit Author: Joe Pollock Date: November 16, 2022 Vendor Homepage: https://www.sourcecodester.com/php/14904/rates-system.html Software Link:...
CVE-2022-43234
An arbitrary file upload vulnerability in the /attachments component of Hoosk v1.8 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43265
An arbitrary file upload vulnerability in the component /pages/saveuser.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43265
An arbitrary file upload vulnerability in the component /pages/saveuser.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43265
An arbitrary file upload vulnerability in the component /pages/saveuser.php of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43146
An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43146
An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43146
An arbitrary file upload vulnerability in the image upload function of Canteen Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
Privilege escalation
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fstupload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43074
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fstupload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43277
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/phpaction/editFile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/phpaction/editFile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-43277
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via ip/youthappam/phpaction/editFile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
Theme-Demo-Importer < 1.1.1 - Admin+ Arbitrary File Upload
The plugin does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files such as PHP even when FILEMODS and FILEEDIT are disallowed. 1. Navigate to: Appearance Import Demo Content Theme Demo Importer Manually upload the demo files 2. Use the XML file...