105 matches found

OSV
added 2020/04/16 7:15 p.m., 0 views

CVE-2020-11815

In Rukovoditel 2.5.2, attackers can upload an arbitrary file to the server simply by changing the Content-Type value. As a result, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting...

CVSS 9.8 | AI score 7.5 | EPSS 0.02308
Exploits: 1 | References: 1
Veracode
added 2019/12/18 9:41 a.m., 12 views

Unrestricted File Uploads

Contao is vulnerable to unrestricted file uploads. Back end users with access privileges to the form generator are allowed to upload arbitrary files and execute them on the server...

CVSS 8.8 | AI score 6.5 | EPSS 0.01108
Exploits: 0 | References: 3 | Affected Software: 1
OSV
added 2019/12/17 3:15 p.m., 8 views

CVE-2019-19745

Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server...

CVSS 8.8 | AI score 8.8
Exploits: 0 | References: 2
Prion
added 2019/12/17 3:15 p.m., 16 views

Design/Logic Flaw

Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end user with access to the form generator can upload arbitrary files and execute them on the server...

CVSS 6.5 | AI score 8.8 | EPSS 0.01108
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2019/07/14 5:05 p.m., 17 views

CVE-2019-13597

s/sprm/s/dyn/PlayersetScriptFile in Sahi Pro 8.0.0 allows command execution. It allows one to run ".sah" scripts via Sahi Launcher. Also, one can create a new script with an editor. It is possible to execute commands on the server using the execute function...

AI score 9.8 | EPSS 0.14349
Exploits: 1 | References: 2
NVD
added 2019/05/17 10:29 p.m., 24 views

CVE-2019-12170

ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the mods/core/backups/upload.php aka backup component. This may result in remote command execution. An attacker can use the instructor account to fully compromise the system using a crafted backup ZIP archive. This will allow for PH...

CVSS 9 | AI score 8.9 | EPSS 0.08749
Exploits: 3 | References: 3
NVD
added 2019/04/29 5:29 p.m., 17 views

CVE-2019-4047

IBM Jazz Reporting Service JRS 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. IBM X-Force ID: 156243...

CVSS 4.3 | AI score 4.5 | EPSS 0.01497
Exploits: 0 | References: 3
Cvelist
added 2019/01/09 10:00 p.m., 21 views

CVE-2018-16169

Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute a Java code file on the server via unspecified vectors...

AI score 8.7 | EPSS 0.01285
Exploits: 0 | References: 2
myhack58
added 2018/08/23 12:00 a.m., 1941 views

Analysis of the arbitrary file upload vulnerability in two versions of the UEditor editor - vulnerability warning - 黑吧安全网 (myhack58)

0x01 Introduction: UEditor is an open-source WYSIWYG rich text editor developed by Baidu's web front-end R&D department. It is lightweight and customizable, offers an excellent user experience, and is used by a large number of web applications; the high-risk vulnerability disclosed here...

AI score 7.5
Exploits: 0
Debian CVE
added 2018/06/21 8:00 p.m., 33 views

CVE-2018-12613

An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An...

CVSS 8.8 | AI score 7.8 | EPSS 0.98391
Exploits: 20
exploitpack
added 2018/01/10 12:00 a.m., 14 views

WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery

WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery Exploit Title: WordPress Download Manager CSRF Discovery Date: 2017-12-12 Exploit Author: Panagiotis Vagenas Author Link: https://twitter.com/panVagenas Vendor Homepage: https://www.wpdownloadmanager.com/ Software Lin...

Exploits: 0
ATTACKERKB
added 2017/09/19 12:00 a.m., 53 views

CVE-2017-12615

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default servlet to false), it was possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it containe...

CVSS 8.1 | AI score 2.6 | EPSS 0.99607
Exploited in the wild | Exploits: 17 | References: 28
Prion
added 2017/02/01 8:59 p.m., 13 views

Design/Logic Flaw

IBM Security Privileged Identity Manager Virtual Appliance allows an authenticated user to upload malicious files that would be automatically executed by the server...

CVSS 6.5 | AI score 6.6 | EPSS 0.00642
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2017/02/01 8:00 p.m., 16 views

CVE-2016-5990

IBM Security Privileged Identity Manager Virtual Appliance allows an authenticated user to upload malicious files that would be automatically executed by the server...

AI score 6.1 | EPSS 0.00642
Exploits: 0 | References: 2
seebug.org
added 2014/07/01 12:00 a.m., 17 views

gleamtech filevista/fileultimate 4.6 - Directory Traversal

No description provided by source. Hello, I have recently released this vulnerability in a talk: http://soroush.secproject.com/blog/2012/11/file-in-the-hole/ - Title: Gleamtech FileVista/FileUltimate 4.6 Directory Traversal can lead to file upload attack - Credit goes to: Soroush Dalili -...

AI score 7.1
Exploits: 0
FreeBSD
added 2011/03/07 12:00 a.m., 46 views

postfix -- plaintext command injection with SMTP over TLS

Wietse Venema has discovered a software flaw that allows an attacker to inject client commands into an SMTP session during the unprotected plaintext SMTP protocol phase, such that the server will execute those commands during the SMTP-over-TLS protocol phase, when all communication is supposed to...

CVSS 6.8 | AI score 3 | EPSS 0.16334
Exploits: 1 | References: 2
OpenVAS
added 2011/01/27 12:00 a.m., 24 views

Joomla! Cross Site Scripting Vulnerability

The host is running Joomla! and is prone to a cross-site scripting vulnerability. OpenVAS Vulnerability Test $Id: gbjoomlaxssvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Joomla! Cross Site Scripting Vulnerability Authors: Sooraj KS Copyright: Copyright (c) 2011 Greenbone Networks GmbH,...

CVSS 4.3 | AI score 6.5 | EPSS 0.01774
Exploits: 1 | References: 2
seebug.org
added 2007/12/26 12:00 a.m., 32 views

Free QBoard qb_path Remote File Inclusion Vulnerability

BUGTRAQ ID: 18788. Free Qboard is an advanced open-source guestbook service. Several Free Qboard modules contain a remote file inclusion vulnerability that a remote attacker could exploit to execute arbitrary commands on the server. The vulnerable code is as follows: ---------------------- 1- index.php include $qbpath."incs/mysql.php"; include $qbpath."incs/crypt.php"; ---------------------------------- 2- about.php include $qbpath."incs/header.php";...

AI score 7
Exploits: 0
Exploit DB
added 2004/07/19 12:00 a.m., 30 views

Artmedic Webdesign Kleinanzeigen Script - Remote File Inclusion

source: https://www.securityfocus.com/bid/10746/info Kleinanzeigen is prone to a file include vulnerability. This issue could allow a remote attacker to include malicious files containing arbitrary code to be executed on a vulnerable computer. If successful, the malicious script supplied by the...

AI score 7.4
Exploits: 0
Exploit DB
added 2004/01/02 12:00 a.m., 18 views

EasyDynamicPages 1.0 - 'config_page.php' PHP Remote File Inclusion

source: https://www.securityfocus.com/bid/9338/info EasyDynamicPages is prone to a remote file include vulnerability in a configuration script. This will permit a remote attacker to include malicious PHP scripts from remote servers, which will then be executed by the web server hosting the vulnerab...

AI score 7.4
Exploits: 0