2595 matches found

WPVulnDB
added 2017/11/11 12:0 a.m. · 9 views

WP Support Plus Responsive Ticket System < 8.0.8 - Remote Code Execution (RCE)

WP Support Plus Responsive Ticket System = 8.0.7 allows anyone to upload PHP files with extensions like ".phtml", ".php4", ".php5", and so on, all of which are run as if their extension was ".php" on most hosting platforms. This is because "includes/admin/attachment/uploadAttachment.php" contains...

7.3 AI score
Exploits 0 · References 1 · Affected Software 1

CNVD
added 2017/11/03 12:0 a.m. · 2 views

Creative Management System Lite SQL Injection Vulnerability

Creative Management System CMS Lite is a web content management system with features such as menu design, site backup and site calendar. A SQL injection vulnerability exists in CMS Lite version 1.4. A remote attacker can exploit the vulnerability by sending the 'S' parameter to the index.php file...

9.8 CVSS · 8 AI score · 0.02652 EPSS
Exploits 5 · References 1

Prion
added 2017/10/23 6:29 p.m. · 12 views

Design/Logic Flaw

edit.php in LabWiki 1.1 and earlier does not properly verify uploaded user files, which allows remote authenticated users to upload arbitrary PHP files via a PHP file with a .gif extension in the userfile parameter...

6.5 CVSS · 7 AI score · 0.05842 EPSS
Exploits 0 · References 2 · Affected Software 1

Prion
added 2017/10/12 8:29 a.m. · 15 views

Remote code execution

X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Code Execution. This vulnerability exists because the application fails to check remote file extensions before saving locally. This vulnerability can be exploited by anyone with Vendor access or higher. One attack methodology is ...

6.5 CVSS · 8.8 AI score · 0.02072 EPSS
Exploits 1 · References 1 · Affected Software 1

OSV
added 2017/10/02 1:29 a.m. · 2 views

CVE-2017-14958

lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file...

7.2 CVSS · 7.8 AI score
Exploits 0 · References 1

Cvelist
added 2017/10/01 3:0 p.m. · 14 views

CVE-2017-14958

lib.php in PivotX 2.3.11 does not properly block uploads of dangerous file types by admin users, which allows remote PHP code execution via an upload of a .php file...

7.4 AI score · 0.01331 EPSS
Exploits 0 · References 1

exploitpack
added 2017/09/26 12:0 a.m. · 20 views

Job Links - Arbitrary File Upload

Job Links - Arbitrary File Upload Exploit Title: Job Links - Complete Job Management Script - Arbitrary File Upload Dork: N/A Date: 26.09.2017 Vendor Homepage: http://teamworktec.com/ Software Link: https://codecanyon.net/item/job-links-complete-job-management-script/20672089 Demo:...

Exploits 0

WPVulnDB
added 2017/09/23 12:0 a.m. · 13 views

Basic Contact Form <= 1.0.3 - Potential Unauthenticated Shell Upload

Uploading attachments in the contact form allows running any kind of PHP code, depending on the server config. The issue is related to the one at https://www.exploit-db.com/exploits/10089/. The explanation there will help in understanding the problem. The following code is part of the function...

7.2 AI score
Exploits 0 · References 1 · Affected Software 1

CNVD
added 2017/09/22 12:0 a.m. · 2 views

TecnoVISION DLX Spot Player4 Arbitrary File Upload Vulnerability

TecnoVISION DLX Spot Player4 is a control management software for LED video walls from TecnoVISION Australia. An arbitrary file upload vulnerability exists in the resource.php file in TecnoVISION DLX Spot Player4 versions after 1.5.10. A remote attacker can exploit this vulnerability to upload...

8.8 CVSS · 7.4 AI score · 0.10081 EPSS
Exploits 13 · References 1

Positive Technologies
added 2017/09/08 12:0 a.m. · 5 views

PT-2017-2898 · D Link · D-Link Dir-850L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-850L REV. A versions through FW114WWb07 h2ab beta1 D-Link DIR-850L REV. B versions through FW208WWb02 Description: The issue is related to the DHCP service in the D-Link DIR-850L router's firmware, specifically with the handling of...

10 CVSS · 9.4 AI score · 0.04923 EPSS
Exploits 1 · References 4

Veracode
added 2017/09/06 1:36 a.m. · 10 views

Cross-site Scripting (XSS)

automattic/jetpack is vulnerable to cross-site scripting (XSS) attacks. A malicious user can inject and execute arbitrary JavaScript through the modules/shortcodes/polldaddy.php file as it does not properly sanitize the uniqueid parameter...

6.1 AI score
Exploits 0

Prion
added 2017/09/04 8:29 p.m. · 12 views

Unrestricted file upload

Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the server, an attacker can cause it to execute in the server context, as demonstrated by...

9 CVSS · 8.7 AI score · 0.06055 EPSS
Exploits 1 · References 2 · Affected Software 1

Cvelist
added 2017/09/04 8:0 p.m. · 17 views

CVE-2017-14123

Zoho ManageEngine Firewall Analyzer 12200 has an unrestricted File Upload vulnerability in the "Group Chat" section. Any user can upload files with any extensions. By uploading a PHP file to the server, an attacker can cause it to execute in the server context, as demonstrated by...

8.8 AI score · 0.06055 EPSS
Exploits 1 · References 2

OSV
added 2017/08/31 4:29 a.m. · 13 views

CVE-2017-14050

In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file...

8.8 CVSS · 7.5 AI score
Exploits 0 · References 1

NVD
added 2017/08/31 4:29 a.m. · 16 views

CVE-2017-13670

In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajaxupload.php, as demonstrated by a ZIP archive that contains a .php file...

6.5 CVSS · 6.3 AI score · 0.00837 EPSS
Exploits 1 · References 1

OSV
added 2017/08/31 4:29 a.m. · 15 views

CVE-2017-13670

In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajaxupload.php, as demonstrated by a ZIP archive that contains a .php file...

6.5 CVSS · 6.6 AI score
Exploits 0 · References 1

Cvelist
added 2017/08/31 4:0 a.m. · 26 views

CVE-2017-13670

In BlackCat CMS 1.2, remote authenticated users can upload any file via the media upload function in backend/media/ajaxupload.php, as demonstrated by a ZIP archive that contains a .php file...

6.3 AI score · 0.00837 EPSS
Exploits 1 · References 1

Cvelist
added 2017/08/31 4:0 a.m. · 14 views

CVE-2017-14050

In BlackCat CMS 1.2, backend/addons/install.php allows remote authenticated users to execute arbitrary PHP code via a ZIP archive that contains a .php file...

8.7 AI score · 0.01164 EPSS
Exploits 0 · References 1

CNVD
added 2017/08/31 12:0 a.m. · 3 views

BlackCat CMS Arbitrary PHP Code Execution Vulnerability

BlackCat CMS is a PHP5, HTML5 content management system. An arbitrary PHP code execution vulnerability exists in the backend/addons/install.php file in BlackCat CMS, which can be exploited by remote attackers to execute arbitrary PHP code via a ZIP archive containing the .php file...

8.8 CVSS · 9.1 AI score · 0.01164 EPSS
Exploits 0 · References 1

OpenVAS
added 2017/08/15 12:0 a.m. · 32 views

CMS Made Simple <= 2.2.2 Upload Vulnerability

CMS Made Simple is prone to an upload vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:cmsmadesimple:cmsmadesimple"...

5.2 AI score
Exploits 0 · References 2