
114 matches found

Snyk
added 2019/03/19 2:37 p.m. | views: 1

Arbitrary File Upload

Overview: pimcore/pimcore is a content & product management framework (CMS/PIM/E-Commerce). Affected versions of this package are vulnerable to Arbitrary File Upload. It is possible for a user to upload a .php file when creating a permission on the assets feature, resulting in arbitrary code...

CVSS 8.8 | AI score 7.7 | EPSS 0.00008
Exploits: 4 | References: 2
RedHat Linux
added 2018/10/11 9:34 p.m. | views: 2

spamassassin: Local user code injection in the meta rule syntax

A flaw was found in the way a local user on the SpamAssassin server could inject code in the meta rule syntax. This could cause arbitrary code execution on the server when these rules are being processed...

CVSS 7.8 | AI score 6.3 | EPSS 0.00252
Exploits: 0 | References: 5
CNVD
added 2018/08/10 12:0 a.m. | views: 1

EC-CUBE Payment Module and GMO-PG Payment Module Input Validation Vulnerability

LOCKON EC-CUBE is an open source e-commerce website building platform developed by LOCKON Japan. The platform supports product login, user evaluation, art layout, etc. EC-CUBE Payment Module and GMO-PG Payment Module are payment modules developed by Japan GMO Payment Gateway Company which are use...

CVSS 7.2 | AI score 7.4 | EPSS 0.00668
Exploits: 0 | References: 1
Japan Vulnerability Notes
added 2018/08/09 7:43 a.m. | views: 1

Multiple vulnerabilities in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE

Overview: EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service), which are additional modules for EC-CUBE provided by GMO Payment Gateway, Inc., contain multiple vulnerabilities listed below. Cross-site scripting vulnerability in the management screen (CWE-79) - CVE-2018-0657 Inp...

CVSS 7.2 | AI score 6.7 | EPSS 0.00668
Exploits: 0 | References: 8
Japan Vulnerability Notes
added 2018/07/18 6:35 a.m. | views: 1

Movable Type plugin MTAppjQuery vulnerable to PHP code execution

Overview: MTAppjQuery provided by bit part LLC is a plugin for Movable Type. An older version of the PHP library Uploadify is incorporated in MTAppjQuery v1.8.1 and earlier versions, and the older versions of Uploadify contain unrestricted upload of arbitrary file (CWE-434), which may lead to arbitrary PHP...

CVSS 9.8 | AI score 7.9 | EPSS 0.01206
Exploits: 0 | References: 7
CNVD
added 2018/06/28 12:0 a.m. | views: 1

WordPress Redirection Redirection Vulnerability

WordPress is a blogging platform developed by the WordPress Software Foundation using the PHP language; the platform supports setting up a personal blog site on a PHP and MySQL server. Redirection is one of the redirection plug-ins, used to manage 301 redirections and track 404 errors. A...

CVSS 9 | AI score 7 | EPSS 0.00958
Exploits: 1 | References: 1
Prion
added 2018/04/07 9:29 p.m. | views: 15

Design/Logic Flaw

Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to execute arbitrary code on the server. The instance has to be configured to use a document database (DirtyDB, CouchDB, MongoDB, or RethinkDB)...

CVSS 6.8 | AI score 8.3 | EPSS 0.0104
Exploits: 0 | References: 1 | Affected Software: 1
Japan Vulnerability Notes
added 2017/05/11 4:36 a.m. | views: 1

SOY CMS vulnerable to directory traversal

Overview: SOY CMS provided by Nippon Institute of Agroinformatics Ltd. is a Contents Management System (CMS). SOY CMS contains a directory traversal vulnerability (CWE-22) due to a flaw in processing the shopid parameter. ASAI Ken reported this vulnerability to IPA. JPCERT/CC coordinated with the develope...

CVSS 7.5 | AI score 7.3 | EPSS 0.10577
Exploits: 0 | References: 5
Japan Vulnerability Notes
added 2016/09/29 7:4 a.m. | views: 1

baserCMS vulnerable to cross-site request forgery

Overview: baserCMS provided by baserCMS User Group is an open source content management system. baserCMS contains a cross-site request forgery vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership...

CVSS 8.8 | AI score 6.9 | EPSS 0.00117
Exploits: 0 | References: 5
Japan Vulnerability Notes
added 2015/10/26 3:27 a.m. | views: 2

EC-CUBE vulnerable to cross-site request forgery

Overview: EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains a cross-site request forgery vulnerability (CWE-352). Gen Sato of TRADE WORKS Co.,Ltd. Security Dept. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...

CVSS 5.1 | AI score 6.9 | EPSS 0.00146
Exploits: 0 | References: 7
Packet Storm
added 2015/02/18 12:0 a.m. | views: 52

GLPI 0.85.2 Shell Upload / Privilege Escalation

Multiple vulnerabilities have been identified in GLPI (http://www.glpi-project.org). 1/ Arbitrary file upload. Severity: Important. Versions affected: all versions between 0.85 and 0.85.2. Description: When a user wants to create a new ticket, he has the possibility to add an...

AI score 0.7
Exploits: 0
Patchstack
added 2014/08/01 12:0 a.m. | views: 8

WordPress Statua Commerce Theme - Remote Code Execution

There is a bug in this theme that allows any website visitor to run and see the output of any shortcode. This gives unauthenticated visitors the same power to execute code on the server as regular publishers have. Solution: Update the theme...

AI score 6.2
Exploits: 0 | References: 1 | Affected Software: 1
UbuntuCve
added 2011/02/25 12:0 a.m. | views: 15

CVE-2011-1018

logwatch.pl in Logwatch 7.3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in a log file name, as demonstrated via a crafted username to a Samba server...

CVSS 10 | AI score 6 | EPSS 0.21544
Exploits: 0 | References: 2
CERT
added 2001/05/22 12:0 a.m. | views: 13

Microsoft Index Server contains buffer overflow

Overview: A buffer overflow exists in Microsoft Index Server 2.0, which may allow remote attackers to execute code with administrative privileges. Description: Microsoft Index Server 2.0 is a tool for building an index of a web site to permit efficient searches. An intruder who can authenticate to...

CVSS 7.5 | AI score 7.6 | EPSS 0.11056
Exploits: 0 | References: 4