119 matches found

RedhatCVE
added 2025/05/23 5:31 a.m. · 3 views

CVE-2023-29657

eXtplorer 2.1.15 is vulnerable to Insecure Permissions. File upload in file manager allows uploading zip file containing php pages with arbitrary code executions...

8.8 CVSS · 7.6 AI score · 0.01083 EPSS
Exploits 1 · References 1
BDU FSTEC
added 2025/02/14 12:00 a.m. · 1 view

The vulnerability in the web interface of the operating system PAN-OS allows a hacker to enhance their privileges.

The vulnerability in the web interface of the operating system PAN-OS is related to the lack of authentication checks for a critical function. Exploiting this vulnerability allows an attacker to enhance their privileges to execute PHP scripts by sending specially crafted HTTP requests...

8.5 CVSS · 0.94115 EPSS
Exploits 8 · References 5 · Affected Software 1
RedHat Linux
added 2024/07/31 10:23 a.m. · 3 views

httpd: Substitution encoding issue in mod_rewrite

A flaw was found in the mod_rewrite module of httpd. Due to a substitution encoding issue, specially crafted requests may allow an attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant only to be execut...

9.8 CVSS · 7.1 AI score · 0.01022 EPSS
Exploits 0 · References 5
Veracode
added 2024/07/09 5:03 p.m. · 7 views

Arbitrary File Upload

typo3/flow is vulnerable to arbitrary file uploads. The vulnerability is due to allowing the upload of server-side scripts, which can be executed if not blocked by other means...

7.2 AI score
Exploits 0
OSV
added 2024/06/24 7:15 a.m. · 1 view

CVE-2024-24551

A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP files...

8.8 CVSS · 7.8 AI score
Exploits 0 · References 1
Positive Technologies
added 2024/06/19 12:00 a.m. · 2 views

PT-2024-26280 · Unknown · Help Desk - Customer Support Management System

Name of the Vulnerable Software and Affected Versions: Help Desk - Customer Support Management System versions up to 2.4.0 Description: The issue allows a customer to upload .php files. Methods HelpdeskHelpdeskModuleFrontController::submitTicket and...

10 CVSS · 7.3 AI score · 0.0038 EPSS
Exploits 0 · References 3
Github Security Blog
added 2024/06/05 6:26 p.m. · 12 views

Typo3 Arbitrary file upload and XML External Entity processing

It has been discovered that Flow 3.0.0 allows arbitrary file uploads, including server-side scripts, posing the risk of attacks. If those scripts are executed by the server when accessed through their public URL, anything not blocked through other means is possible information disclosure, placeme...

7.1 AI score
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2024/04/14 12:00 a.m. · 3 views

PT-2024-3331 · D Link · D-Link Dir-845L

Name of the Vulnerable Software and Affected Versions: D-LINK DIR-845L versions =v1.01KRb03 Description: The issue is related to insufficient protection of internal data when handling the file parameter, potentially allowing a remote attacker to gain unauthorized access to protected information...

5.3 CVSS · 7.4 AI score · 0.49635 EPSS
Exploits 1 · References 8
Positive Technologies
added 2024/02/27 12:00 a.m. · 4 views

PT-2024-21158 · Unknown · Product Catalog (Csv

Name of the Vulnerable Software and Affected Versions: Product Catalog CSV, Excel Import simpleimportproduct versions = 6.7.0 Description: A guest can upload files with extensions .php, potentially allowing malicious code execution. Recommendations: For versions = 6.7.0, restrict access to the fi...

9.1 CVSS · 7.7 AI score · 0.0015 EPSS
Exploits 1 · References 4
The Hacker News
added 2023/12/07 2:36 p.m. · 40 views

Microsoft Warns of COLDRIVER's Evolving Evasion and Credential-Stealing Tactics

The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. The Microsoft Threat Intelligence team is tracking under the cluster as Star...

7 AI score
Exploits 0
CNNVD
added 2023/06/26 12:00 a.m. · 1 view

Trend Micro Mobile Security for Enterprise Security Vulnerability

Trend Micro Mobile Security for Enterprise is a mobile antivirus software from Trend Micro. A security vulnerability exists in Trend Micro Mobile Security for Enterprise version 9.8 SP5, which originates from the inclusion of vulnerable php files. The vulnerability can be exploited by a remote...

8.8 CVSS · 8.5 AI score · 0.0455 EPSS
Exploits 0 · References 3
OSV
added 2023/03/06 2:15 p.m. · 2 views

CVE-2022-4328

The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server...

9.8 CVSS · 5.9 AI score
Exploits 0 · References 1
OSV
added 2022/12/12 6:15 p.m. · 1 view

CVE-2022-3912

The User Registration WordPress plugin before 2.2.4.1 does not properly restrict the files to be uploaded via an AJAX action available to both unauthenticated and authenticated users, which could allow unauthenticated users to upload PHP files for example...

7.5 CVSS · 5.8 AI score
Exploits 0 · References 1
ATTACKERKB
added 2022/10/11 11:15 p.m. · 1 view

CVE-2022-40777

Interspire Email Marketer through 6.5.0 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a /admin/temp/surveys/ URI. NOTE: this issue exists because of an incomplete fix for CVE-2018-19550...

8.8 CVSS · 7.3 AI score · 0.03519 EPSS
Exploits 5 · References 3
Securelist
added 2022/08/25 1:00 a.m. · 17 views

Kimsuky’s GoldDragon cluster and its C2 operations

Kimsuky also known as Thallium, Black Banshee and Velvet Chollima is a prolific and active threat actor primarily targeting Korea-related entities. Like other sophisticated adversaries, this group also updates its tools very quickly. In early 2022, we observed this group was attacking the media a...

7 AI score
Exploits 0
OSV
added 2022/06/27 9:15 p.m. · 1 view

DEBIAN-CVE-2022-31087

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the tmp directory, which is accessible by /lam/tmp/, allows interpretation of .php and .php5/.php4/.phpt/etc files. An attacker capable of writing...

7.8 CVSS · 7.7 AI score · 0.00191 EPSS
Exploits 0 · References 1
OSV
added 2022/06/20 11:15 a.m. · 2 views

CVE-2022-1939

The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to...

7.2 CVSS · 7.1 AI score · 0.00875 EPSS
Exploits 1 · References 1
CNNVD
added 2022/06/20 12:00 a.m. · 1 view

WordPress plugin Allow svg files Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Allow svg files plugin...

7.2 CVSS · 5.6 AI score · 0.00875 EPSS
Exploits 1 · References 2
ATTACKERKB
added 2022/04/11 3:15 p.m. · 2 views

CVE-2022-1008

The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files such as PHP even when FILE_MODS and FILE_EDIT are disallowed...

7.2 CVSS · 7.2 AI score · 0.01214 EPSS
Exploits 2 · References 3
CNNVD
added 2022/03/23 12:00 a.m. · 2 views

Taocms Code Issue Vulnerability

taoCMS is a file management system. taoCMS is vulnerable to file uploads, which can be exploited by attackers to execute arbitrary code via carefully crafted PHP files...

9.8 CVSS · 6.1 AI score · 0.00853 EPSS
Exploits 1 · References 2