30 matches found
EUVD-2021-13581
Malware in sbrugna...
EUVD-2022-29527
Malicious code in bioql PyPI...
CVE-2022-24652
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
CVE-2021-26794
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file...
CVE-2022-24652
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
CVE-2022-24652
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
CVE-2022-24652
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
Privilege escalation
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
CVE-2022-24652
CVE-2022-24652 affects SentCMS 4.0.x. The vulnerability stems from a lack of validation of uploaded files in the unauthorized file upload interface at /admin/upload/upload, enabling remote attackers to upload arbitrary files and achieve PHP code execution. The NVD reports a high-severity impact (...
CVE-2022-24652
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in php code execution in /admin/upload/upload...
CVE-2022-24651
sentcms 4.0.x allows remote attackers to cause arbitrary file uploads through an unauthorized file upload interface, resulting in PHP code execution through /user/upload/upload...
CVE-2022-24651
CVE-2022-24651 affects SentCMS 4.0.x. The vulnerability allows remote attackers to upload arbitrary files via an unauthorized upload interface at /user/upload/upload, enabling PHP code execution. Multiple sources corroborate that the issue stems from lack of validation of uploaded files. No patch...
Tensent SentCMS 代码问题漏洞
Tensent SentCMS is an easy-to-use website management system from Tensent, China. A security vulnerability exists in Tensent SentCMS version 4.0.x. The vulnerability stems from a lack of validation of uploaded files in the file upload interface of the /user/upload/upload php code in the software...
Tensent SentCMS 代码问题漏洞
Tensent SentCMS is a simple and easy-to-use website management system from Tensent, China. A security vulnerability exists in Tensent SentCMS version 4.0.x. The vulnerability stems from a lack of validation of uploaded files in the file upload interface of the /admin/upload/upload php code in the...
FrogCMS SentCMS Remote Code Execution (CVE-2021-26794)
A remote code execution vulnerability exists in FrogCMS SentCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2021-26794
Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows attacker to execute arbitrary code via crafted php file...