52 matches found
PT-2024-33566 · Unknown · Paxman Product Website Showcase
Name of the Vulnerable Software and Affected Versions: Paxman Product Website Showcase versions n/a through 1.0 Description: The issue allows an unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can potentially allow attackers to deploy...
PT-2024-33470 · Vivek Tamrakar · Wp Rest Api Fns
Name of the Vulnerable Software and Affected Versions: Vivek Tamrakar WP REST API FNS versions 1.0.0 and earlier Description: The issue allows attackers to upload harmful content, including web shells, to a web server due to an Unrestricted Upload of File with Dangerous Type vulnerability. This c...
PT-2024-33454 · Unknown · Jiangqie Free Mini Program
Name of the Vulnerable Software and Affected Versions: JiangQie Free Mini Program versions n/a through 2.5.2 Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to significant security...
PT-2024-32953 · WordPress · Acf Images Search/Insert
Name of the Vulnerable Software and Affected Versions: ACF Images Search And Insert versions 1.1.4 and earlier Description: The issue affects the ACF Images Search And Insert plugin, allowing unrestricted upload of files with dangerous types, such as a web shell, to a web server. This could...
PT-2024-33352 · Unknown · Feed Comments Number
Name of the Vulnerable Software and Affected Versions: Feed Comments Number versions 0.2.1 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can be exploited by uploading malicious files,...
PT-2024-20697 · Ericsson · Ericsson Ran Compute/Site Controller 6610
Name of the Vulnerable Software and Affected Versions: Ericsson RAN Compute and Site Controller 6610 versions prior to 24.Q2 Description: The issue is related to improper input validation in the Control System, which can lead to arbitrary code execution. For example, it can be used to obtain a...
PT-2024-27541 · Automattic · Newspack Blocks
Name of the Vulnerable Software and Affected Versions: Automattic Newspack Blocks versions 3.0.8 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. Recommendations: For versions 3.0.8 and...
PT-2024-12261 · Elementor · Unlimited Elements For Elementor
Name of the Vulnerable Software and Affected Versions: Unlimited Elements For Elementor Free Widgets, Addons, Templates versions 1.5.60 and earlier Description: The issue allows for the unrestricted upload of files with dangerous types, potentially enabling an attacker to upload a web shell to a...
Multiple issues involving quote API
Issue 1: Failure to quote characters Affected versions of this crate allowed the bytes and \xa0 to appear unquoted and unescaped in command arguments. If the output of quote or join is passed to a shell, then what should be a single command argument could be interpreted as multiple arguments. Thi...
USN-4875-1 opensmtpd vulnerabilities
It was discovered that OpenSMTPD incorrectly verified the sender's or receiver's e-mail addresses under certain conditions. An attacker could possibly use this vulnerability to execute arbitrary commands as root. CVE-2020-7247 It was discovered that OpenSMTPD did not properly handle hardlinks und...
SAXON.txt
SaVSaK.CoM | SpC-x - The-BeKiR | SAXON 4.6 Version - Remote File Include Vulnerabilities Risk : High Class: Remote Script : SAXON Credits : SpC-x Thanks : The-BeKiR - Ejder - FasTBoY - ERNE - RMx - Nukedx - Str0ke Code : include"functions.php"; include "config.php"; include $template; Vulnerable ...
Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below
note to editors: please leave all links intact. Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below found and written by: [email protected] http://www.modernhacker.com phpBB, is an open source bulletin board created by the phpBB group phpbb.com . Versions 1.4.0 and belo...