2595 matches found

VulnCheck KEV
added 2021/04/12 12:00 a.m. | 3 views

VulnCheck KEV: CVE-2020-12800

The drag-and-drop-multiple-file-upload-contact-form-7 plugin before 1.3.3.3 for WordPress allows Unrestricted File Upload and remote code execution by setting supportedtype to php% and uploading a .php% file...

CVSS 9.8 | AI score 7.8 | EPSS 0.78751
Exploits: 7 | References: 1
wpexploit
added 2021/04/10 12:00 a.m. | 85 views

Classyfrieds <= 3.8 - Authenticated Arbitrary File Upload to RCE

The plugin does not properly check the uploaded file when an authenticated user adds a listing, only checking the content-type in the request. This allows any authenticated user to upload arbitrary PHP files via the Add Listing feature of the plugin, leading to RCE. POST /addalisting/ HTTP/1.1...

CVSS 6.5 | AI score 0.1 | EPSS 0.01906
Exploits: 2 | References: 1
wpexploit
added 2021/04/10 12:00 a.m. | 122 views

Event Banner <= 1.3 - Arbitrary File Upload to RCE

The plugin does not verify the uploaded image file, allowing admin accounts to upload arbitrary files, such as .exe, .php, or other executables, leading to RCE. Due to the lack of a CSRF check, the issue can also be triggered via that vector to achieve the same result, or via an LFI as authorisation chec...

CVSS 6.5 | AI score 0.7 | EPSS 0.01678
Exploits: 2 | References: 1
WPVulnDB
added 2021/04/08 12:00 a.m. | 24 views

Imagements <= 1.2.5 - Unauthenticated Arbitrary File Upload to RCE

The Imagements WordPress plugin, versions <= 1.2.5, allowed images to be uploaded in comments; however, it only checked the Content-Type HTTP header for validation, which can be tampered with. This allows unauthenticated attackers to upload arbitrary files by using a valid image Content-Type head...

CVSS 7.5 | AI score 3.9 | EPSS 0.0714
Exploits: 2 | References: 1 | Affected Software: 1
Packet Storm
added 2021/04/08 12:00 a.m. | 318 views

Composr 10.0.36 Shell Upload

Exploit Title: Composr 10.0.36 - Remote Code Execution. Date: 04/06/2021. Exploit Author: Orion Hridoy. Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36. Tested on: Windows/Linux. CVE: CVE-2021-30149. A RCE on Composr CMS has been discovered by BugsBD...

AI score 9.7 | EPSS 0.10064
Exploits: 4
Exploit DB
added 2021/04/08 12:00 a.m. | 331 views

Composr 10.0.36 - Remote Code Execution

Exploit Title: Composr 10.0.36 - Remote Code Execution. Date: 04/06/2021. Exploit Author: Orion Hridoy. Vendor Homepage: https://compo.sr/ Software Link: https://compo.sr/download.htm Version: 10.0.36. Tested on: Windows/Linux. CVE: CVE-2021-30149. A RCE on Composr CMS has been discovered by BugsBD...

CVSS 9.8 | AI score 9.7 | EPSS 0.10064
Exploits: 4
CNVD
added 2021/04/07 12:00 a.m. | 11 views

Composr PHP File Upload and Execution Vulnerability

Composr is an open source content management system (CMS) with advanced social, interactive and dynamic features. A PHP file upload and execution vulnerability exists in Composr version 10.0.36. An attacker can exploit this vulnerability to upload and execute PHP files...

CVSS 9.8 | AI score 7 | EPSS 0.10064
Exploits: 4 | References: 1
NVD
added 2021/04/06 6:15 a.m. | 10 views

CVE-2021-30149

Composr 10.0.36 allows upload and execution of PHP files...

CVSS 9.8 | EPSS 0.10064
Exploits: 4 | References: 2
CVE
added 2021/04/06 5:40 a.m. | 128 views

CVE-2021-30149

Composr CMS 10.0.36 is vulnerable to remote code execution via PHP file upload. The vulnerability allows uploading and executing PHP files (e.g., via galleries or bulk upload paths), leading to high-impact outcomes (RCE) as indicated by multiple sources (CVE-2021-30149, exploit/public disclosures...

CVSS 9.8 | AI score 9.6 | EPSS 0.10064
Exploits: 4 | References: 2 | Affected Software: 1
WPVulnDB
added 2021/04/05 12:00 a.m. | 98 views

Tutor LMS < 1.8.8 - Authenticated Local File Inclusion

The plugin is affected by a local file inclusion vulnerability through the maliciously constructed subpage parameter of the plugin's Tools, allowing high-privilege users to include any local PHP file. PoC: https://your.domain/wp-admin/admin.php?page=tutor-tools&subpage=..%2F..%2F..%2F..%2F..%2F..%2Fin...

CVSS 5.5 | AI score 2.1 | EPSS 0.00778
Exploits: 2 | Affected Software: 1
GithubExploit
added 2021/03/17 12:07 p.m. | 103 views

Exploit for Unrestricted Upload of File with Dangerous Type in Cutephp Cutenews

CVE-2019-11447 Exploit/PoC - CuteNews 2.1.2 Avatar upload RCE...

CVSS 8.8 | AI score 8.9 | EPSS 0.52901
Exploits: 10
NVD
added 2021/02/26 11:15 p.m. | 36 views

CVE-2020-36079

Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the FileselFinder portion of the UI. This can, for example, place a .php file i...

CVSS 7.2 | EPSS 0.04722
Exploits: 3 | References: 3
Cvelist
added 2021/02/26 10:49 p.m. | 30 views

CVE-2020-36079

Zenphoto through 1.5.7 is affected by authenticated arbitrary file upload, leading to remote code execution. The attacker must navigate to the uploader plugin, check the elFinder box, and then drag and drop files into the FileselFinder portion of the UI. This can, for example, place a .php file i...

AI score 7.3 | EPSS 0.04722
Exploits: 3 | References: 3
OSV
added 2021/02/22 3:15 p.m. | 1 view

CVE-2021-3120

An arbitrary file upload vulnerability in the YITH WooCommerce Gift Cards Premium plugin before 3.3.1 for WordPress allows remote attackers to achieve remote code execution on the operating system in the security context of the web server. In order to exploit this vulnerability, an attacker must ...

CVSS 9.8 | AI score 6.4
Exploits: 0 | References: 2
CVE
added 2021/02/11 8:55 p.m. | 235 views

CVE-2021-21311

Adminer CVE-2021-21311 is a server-side request forgery (SSRF) flaw affecting Adminer versions before 4.7.9, especially builds bundling all drivers (e.g., adminer.php). The issue arises from error-message handling that can expose sensitive information, enabling an attacker to potentially access i...

CVSS 7.2 | AI score 6.8 | EPSS 0.90461
In the wild | Exploits: 3 | References: 6 | Affected Software: 1
NVD
added 2021/02/08 3:15 p.m. | 20 views

CVE-2020-16629

PhpOK 5.4.137 contains a SQL injection vulnerability that can inject attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the target path...

CVSS 9.8 | EPSS 0.01441
Exploits: 1 | References: 1
Prion
added 2021/02/08 3:15 p.m. | 16 views

SQL injection

PhpOK 5.4.137 contains a SQL injection vulnerability that can inject attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the target path...

CVSS 7.5 | AI score 9.8 | EPSS 0.01441
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2021/02/08 2:33 p.m. | 42 views

CVE-2020-16629

CVE-2020-16629 affects PhpOK 5.4.137. A SQL injection vulnerability lets an attacker inject attachment data via SQL and then call the attachment replacement function via api.php to write a PHP file to a target path. The issue is documented across multiple sources (CNVD, NVD, Red Hat, CVE lists) w...

CVSS 9.8 | AI score 9.7 | EPSS 0.01441
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2021/02/08 2:33 p.m. | 24 views

CVE-2020-16629

PhpOK 5.4.137 contains a SQL injection vulnerability that can inject attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the target path...

AI score 9.8 | EPSS 0.01441
Exploits: 1 | References: 1
WPVulnDB
added 2021/01/28 12:00 a.m. | 11 views

Super Forms < 4.9.703 - Unauthenticated PHP File Upload to RCE

The plugin uses the jQuery File Upload library, but does not properly ensure that PHP files are forbidden. Note: Exploitation of the issue is not as easy as the original advisory in the references states. PoC: If a form from the plugin with an upload field is present on the blog, and is used to...

AI score 7
Exploits: 0 | References: 1 | Affected Software: 2