2 matches found
Craft CMS unauthenticated Remote Code Execution (RCE)
This module exploits Remote Code Execution vulnerability CVE-2023-41892 in Craft CMS which is a popular content management system. Craft CMS versions between 4.0.0-RC1 - 4.4.14 are affected by this vulnerability allowing attackers to execute arbitrary code remotely, potentially compromising the...
WebCalendar -- remote file inclusion vulnerability
WebCalendar is proven vulnerable to a remote file inclusion vulnerability. The sendreminders.php does not properly verify the "includedir" parameter, giving remote attackers the possibility to include local and remote files. These files can be used by the attacker to gain access to the system...