WordPress Popular Posts < 5.3.3 - Authenticated Code Injection

Jerome Bruandet from NinTechNet discovered a code injection issue in the plugin before 5.3.3: "When thumbnails settings are set to 'Custom field name' and 'Resize image from Custom field' they aren’t by default, a user with contributor role or above can bypass the file type verification, download...

PANews 2.0 - Remote PHP Script Code Execution Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/12611/info PaNews is reported prone to a remote PHP script code execution vulnerability. It is reported that PHP script code may be injected into the PaNews software through the 'showcopy' parameter of the 'adminsetup.php...

Debian Security Advisory DSA 2610-1 (ganglia - arbitrary script execution)

Insufficient input sanitization in Ganglia, a web based monitoring system, could lead to remote PHP script execution with permissions of the user running the web server. OpenVAS Vulnerability Test $Id: deb2610.nasl 6611 2017-07-07 12:07:20Z cfischer $ Auto-generated from advisory DSA 2610-1 using...

Flax Article Manager 1.1 Remote PHP Script Upload Vulnerability

Exploit for unknown platform in category web applications =============================================================== Flax Article Manager 1.1 Remote PHP Script Upload Vulnerability =============================================================== Flax Article Manager 1.1 Remote File Upload...

Flax Article Manager 1.1 - Remote PHP Script Upload

Flax Article Manager 1.1 - Remote PHP Script Upload Flax Article Manager 1.1 Remote File Upload Vulnerability ---------------------------------------------------------- Discovered By: S.W.A.T. [email protected] Home: www.batlagh.com Script Page: http://www.clixint.com/products/articles Dork:...