Command Execution Vulnerability in SongCMS ex***.php File
SongCMS is a free, open-source, enterprise-oriented CMS with multi-language support, developed on PHP+MySQL and ASP+Access/SQL Server, intended to help business users quickly build and deploy enterprise-level portals. A command execution vulnerability exists in the SongCMS ex.php file. An attacker can exploi...
Autoptimize < 2.7.8 - Arbitrary File Upload via "Import Settings"
The plugin attempts to delete malicious files such as .php from the uploaded archive via the "Import Settings" feature, after its extraction. However, the extracted folders are not checked, so it is possible to upload a zip that contains a directory with a PHP file in it, and that file is not remove...
Design/Logic Flaw
Niushop B2B2C Multi-business basic version V1.11: the administrator check can be bypassed to reach the background upload interface; through the upload parameter the getimagesize check is bypassed, a PHP file is uploaded, and a shell is obtained (getshell)...
CVE-2020-19672
CVE-2020-19672 affects Niushop B2B2C Multi-business basic version V1.11. The vulnerability allows bypassing the administrator check to access the background upload interface, exploiting an upload parameter to bypass getimagesize and upload a PHP file, leading to getshell...
MaraCMS 7.5 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download
Current source: https://github.com/rapid7/metasploit-framework
Module name: 'MaraCMS Arbitrary PHP File Upload'
Description: This module exploits an arbitrary file upload vulnerability in MaraCMS 7.5 and prior in...
CVE-2020-25790
Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being...
CVE-2020-24986
Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager. It is possible to modify site configuration to upload the PHP file and execute arbitrary commands...
PT-2020-15905 · Mara · Mara Cms
Name of the Vulnerable Software and Affected Versions: Mara CMS version 7.5 Description: An issue exists that allows arbitrary file upload. To exploit this, an attacker needs a valid authenticated session and must make a "codebase/dir.php?type=filenew" request to upload PHP code to...
CVE-2020-15159
baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) and Remote Code Execution (RCE). This may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file. The affected components are ThemeFilesController.php and...
CVE-2020-24186
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action...
CVE-2020-17452
The CVE-2020-17452 entry concerns flatCore CMS (PHP/SQLite) prior to version 1.5.7, where an unrestricted file upload vulnerability allows an admin to upload and execute a PHP file. The root cause is an unrestricted file upload flaw that enables remote code execution; impact details in sources indica...
Newsletter WordPress Plugin Opens Door to Site Takeover
Newsletter, a WordPress plugin with more than 300,000 installations, has a pair of vulnerabilities that could lead to code-execution and even site takeover. The Newsletter plugin offers site admins a visual editor that can be used to create newsletters and email campaigns from within WordPress...
Koken CMS 0.22.24 Shell Upload
Exploit Title: Koken CMS 0.22.24 - Arbitrary File Upload (Authenticated)
Date: 2020-07-15
Exploit Author: v1n1v131r4
Vendor Homepage: http://koken.me/
Software Link: https://www.softaculous.com/apps/cms/Koken
Version: 0.22.24
Tested on: Linux
PoC:...
SQL injection vulnerability in n***.php file of website building system of Anyang Zhidao Media Co.
Founded in 2011, Anyang Zhidao Media Co., Ltd. is a formal and professional Anyang network company engaged in Internet business and software development. The n.php file of the Anyang Zhidao Media Co., Ltd. website building system has a SQL injection vulnerability; attackers can use the vulnerability to obtain database...
SQL injection vulnerability in p***.php file of website building system of Anyang Zhidao Media Co.
Founded in 2011, Anyang Zhidao Media Co., Ltd. is a formal and professional Anyang network company engaged in Internet business and software development. The p.php file of the Anyang Zhidao Media Co., Ltd. website building system has a SQL injection vulnerability; attackers can use the vulnerability to obtain database...