2595 matches found
CVE-2022-40089
A remote file inclusion RFI vulnerability in Simple College Website v1.0 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploitable when the directive allowurlinclude is set to On...
CVE-2022-40087
Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function fileputcontents. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-40087
Simple College Website v1.0 was discovered to contain an arbitrary file write vulnerability via the function fileputcontents. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-25193 · Unknown · Simple College Website
Name of the Vulnerable Software and Affected Versions: Simple College Website version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, leveraging an arbitrary file write vulnerability. This is achieved through the file put contents function...
CVE-2022-38621
Doufox v0.0.4 was discovered to contain a remote code execution RCE vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38621
Doufox v0.0.4 was discovered to contain a remote code execution RCE vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
Remote code execution
Doufox v0.0.4 was discovered to contain a remote code execution RCE vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38621
CVE-2022-38621 concerns Doufox v0.0.4, where a remote code execution (RCE) vulnerability exists on the edit file page. The issue allows an attacker to execute arbitrary code by supplying a crafted PHP file, as described across multiple sources (notably the NVD entry with a 9.8 CVSSv3.1 score). Th...
CVE-2022-38621
Doufox v0.0.4 was discovered to contain a remote code execution RCE vulnerability via the edit file page. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38323
Event Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /RoyalEvent/updateimage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38323
Event Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via the component /RoyalEvent/updateimage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38305
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38305
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38305
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-36580
An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-36580
An arbitrary file upload vulnerability in the component /admin/products/controller.php?action=add of Online Ordering System v2.3.2 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-36582
An arbitrary file upload vulnerability in the component /phpaction/createProduct.php of Garage Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-36698
Ingredients Stock Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /categories/viewcategory.php...
CVE-2022-36523
D-Link Go-RT-AC750 GORTAC750revAv101b03 & GO-RT-AC750revBFWv200b02 is vulnerable to command injection via /htdocs/upnpinc/gena.php...
CVE-2022-35426
UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file...