18 matches found
EUVD-2025-26399
Malicious code in bioql PyPI...
CVE-2025-46099
In Pluck CMS 4.7.20-dev, an authenticated attacker can upload or create a crafted PHP file under the albums module directory and access it via the module routing logic in albums.site.php, resulting in arbitrary command execution through a GET parameter...
FoxCMS 安全漏洞
FoxCMS is a free commercial open source content management system from China Qianxu FoxCMS company. A security vulnerability exists in FoxCMS 1.2 and earlier versions, which originates from the parameter password in the file /app/api/controller/Site.php of the component API Endpoint that can lead...
HuCart im***. _li***.php file has an arbitrary file deletion vulnerability
HuCart HuCart is an open source enterprise building system. HuCart im. li.php file there are arbitrary file deletion vulnerability , attackers can exploit the vulnerability to delete any file site...
taoCMS V2.5Beta5 has arbitrary file reading vulnerability
TAOCMS is the smallest fully functional CMS management system in China based on php+sqlite/mysql. taoCMS V2.5Beta5 has an arbitrary file reading vulnerability, which can be exploited by an attacker to read, download and edit all files of the site...
SemCms website builder 2.7 version exists arbitrary file deletion vulnerability
SemCms is a set of open source foreign trade enterprise website management system, mainly used for foreign trade enterprises, compatible with IE, Firefox , google, 360 and other mainstream browsers.SemCms php version written in php language, combined with apache, in window, or linux system to run...
Arbitrary File Read Vulnerability in Light CMS Version 1.7
Light CMS is an intelligent website building system built in PHP+MYSQL environment. Light CMS 1.7 version of the arbitrary file reading vulnerability, an attacker can exploit the vulnerability to read any file within the site to obtain sensitive information...
Arbitrary File Deletion Vulnerability in Light CMS Version 1.7
Light CMS is an intelligent website building system built in PHP+MYSQL environment. Light CMS 1.7 version of the arbitrary file deletion vulnerability, an attacker can exploit the vulnerability to delete any file within the site...
CVE-2017-17102
Fiyo CMS 2.0.7 has SQL injection in /system/site.php via $REQUEST'link'...
Modoer review system database.inc.php arbitrary file deletion vulnerability
Modoer review system a professional review website system, a variety of industry reviews, you can freely regulate the type of review project. Modoer system 20150505 version of the background there are arbitrary file deletion vulnerability, due to the system does not limit the deletion of...
FTP JCL Execution
require 'msf/core' require 'msf/core/exploit/tcp' class MetasploitModule 'FTP JCL Execution', 'Description' = %qSubmit JCL to z/OS via FTP and SITE FILE=JES. This exploit requires valid credentials on the target system, 'Author' = 'Bigendian Smalls', 'mainframed a.k.a. soldier of fortran',...
Simple Directory Listing Upload Vulnerability
Simple Directory Listing 2 - Cross Site File Upload -------------------------------------------------------------------------------- / Written by Michael Brooks VUlerablity type: Cross Site File Upload. Affects: SDL 2.1 beta1 Product homepage: http://simpledirectorylisting.net/ SDL has 22+ millio...
Simple Directory Listing 2 Cross Site File Upload Vulnerability
No description provided by source. Simple Directory Listing 2 - Cross Site File Upload -------------------------------------------------------------------------------- mx:Application xmlns:mx="http://www.adobe.com/2006/mxml" creationComplete="onAppInit" mx:Script / Written by Michael Brooks...
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload
Simple Directory Listing 2 - Cross Site File Upload -------------------------------------------------------------------------------- / Written by Michael Brooks VUlerablity type: Cross Site File Upload. Affects: SDL 2.1 beta1 Product homepage: http://simpledirectorylisting.net/ SDL has 22+ millio...
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload
Simple Directory Listing 2 - Cross-Site Arbitrary File Upload Simple Directory Listing 2 - Cross Site File Upload -------------------------------------------------------------------------------- / Written by Michael Brooks VUlerablity type: Cross Site File Upload. Affects: SDL 2.1 beta1 Product...
Simple Directory Listing 2 Cross Site File Upload Vulnerability
Exploit for unknown platform in category web applications =============================================================== Simple Directory Listing 2 Cross Site File Upload Vulnerability =============================================================== Simple Directory Listing 2 - Cross Site File...
Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC
Exploit for unknown platform in category remote exploits ================================================================= Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC ================================================================= OBJECT...
Microsoft PicturePusher ActiveX Cross Site File Upload Attack PoC
No description provided by source. !-- Microsoft PicturePusher ActiveX PipPPush.DLL 7.00.0709 remote Cross Site File Upload attack POC IE6 by Nine:Situations:Group::pyrokinesis bug discovered by rgod during early March 2008 tested software: Microsoft Digital Image 2006 Starter Edition works fine...