3 matches found
CVE-2024-47946
If the attacker has access to a valid Poweruser session, remote code execution is possible because specially crafted valid PNG files with injected PHP content can be uploaded as desktop backgrounds or lock screens. After the upload, the PHP script is available in the web root. The PHP code execut...
PT-2023-10615 · Unknown · Red Snapper Nview
Name of the Vulnerable Software and Affected Versions: Red Snapper NView affected versions not specified Description: A critical vulnerability has been found in Red Snapper NView. This issue affects the mutate function of the file src/Session.php. The manipulation of the session argument leads to...
Open Meetings Filing Application - Remote File Inclusion
Open Meetings Filing Application - Remote File Inclusion -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Open Meetings Filing Application PROJECTROOT Remote File Include Vulnerability...