EUVD-2026-12214

A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/management/nmcsync.php of the component HTTP Request Handler. Executing a manipulation of the argument templatepath can lead to os command injection. The...

TOPSEC TopACM 操作系统命令注入漏洞

TOPSEC TopACM is an application access control and security management system developed by TOPSEC Corporation in China. Version 3.0 of TOPSEC TopACM contains a vulnerability related to operating system command injection. This vulnerability arises from incorrect handling of parameters in the...

CVE-2026-4170 Topsec TopACM HTTP Request nmc_sync.php os command injection

A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/management/nmcsync.php of the component HTTP Request Handler. Executing a manipulation of the argument templatepath can lead to os command injection. The...

CVE-2026-4170 Topsec TopACM HTTP Request nmc_sync.php os command injection

A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/management/nmcsync.php of the component HTTP Request Handler. Executing a manipulation of the argument templatepath can lead to os command injection. The...

CVE-2026-4170

CVE-2026-4170 affects Topsec TopACM 3.0. The vulnerability resides in the HTTP Request Handler’s /view/systemConfig/management/nmc_sync.php function, where manipulating the argument template_path enables an unauthenticated remote OS command injection. The issue is remotely exploitable and publicl...

EUVD-2008-4872

Malware in sbrugna...

EUVD-2008-4873

Malware in sbrugna...

CVE-2009-2220

CVE-2009-2220 describes multiple directory traversal vulnerabilities in Tribiq CMS 5.0.12c—triggered when register_globals is enabled and magic_quotes_gpc is disabled—that allow remote inclusion/execution of arbitrary files via template_path in masthead.inc.php, toppanel.inc.php, contact.inc.php,...

CVE-2007-1986

Multiple PHP remote file inclusion vulnerabilities in barnraiser AROUNDMe 0.7.7 allow remote attackers to execute arbitrary PHP code via a URL in the 1 languagepathcore parameter to inc/coreprofile.header.php, the 2 templatepathcore parameter to template/barnraiser01/maintcontactview.tpl.php, and...

CVE-2006-3422

PHP remote file inclusion vulnerability in WonderEdit Pro CMS allows remote attackers to execute arbitrary PHP code via the configtemplatepath parameter in userbottom.php, as used by multiple templates including 1 rwb template/rwb/userbottom.php, 2 gwb template/rwb/userbottom.php, 3 blues, 4...

WonderEdit Pro CMS (template_path) Remote File Include Vulnerabilities

No description provided by source. -------------------------------------------------------------------------------- Title : WonderEdit Pro CMS = Pro version Remote File Include Vulnerabilities Discovered By OLiBekaS -----------------------------------------------------------------------------...