CVE-2020-19510

CVE-2020-19510 affects Textpattern 4.7.3, where an arbitrary file load/upload is possible through the file_insert function in include/txp_file.php. The connected sources consistently describe this vulnerability as an arbitrary file upload issue in Textpattern; no exploit details are provided in t...

CVE-2020-19510

Textpattern 4.7.3 contains an aribtrary file load via the fileinsert function in include/txpfile.php...

Textpattern 代码问题漏洞

Textpattern is a free open source content management system based on PHP and MySQL. Textpattern has an arbitrary file upload vulnerability. An attacker can use the fileinsert function in include/txpfile.php to upload arbitrary files...

TextPattern CMS 4.8.7 - Remote Command Execution (Authenticated) Vulnerability

Exploit Title : TextPattern CMS 4.8.7 - Remote Command Execution Authenticated Exploit Author : Mert Daş email protected Software Link : https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web : https://textpattern.com/ Tested on: Server : Xampp First of all we should use file...

TextPattern CMS 4.8.7 Remote Command Execution

Exploit Title : TextPattern CMS 4.8.7 - Remote Command Execution Authenticated Date : 2021/09/06 Exploit Author : Mert Daş [email protected] Software Link : https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web : https://textpattern.com/ Tested on: Server : Xampp First ...

TextPattern CMS 4.8.7 - Stored Cross-Site Scripting (XSS)

Exploit Title: TextPattern CMS 4.8.7 - Stored Cross-Site Scripting XSS Date: 2021/09/06 Exploit Author: Mert Daş [email protected] Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp TextPattern is pron...

TextPattern CMS 4.8.7 - Stored Cross-Site Scripting (XSS) Vulnerability

Exploit Title: TextPattern CMS 4.8.7 - Stored Cross-Site Scripting XSS Exploit Author: Mert Daş email protected Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp TextPattern is prone to a cross-site...

TextPattern CMS 4.8.7 Cross Site Scripting

Exploit Title: TextPattern CMS 4.8.7 - Stored Cross-Site Scripting XSS Date: 2021/09/06 Exploit Author: Mert Daş [email protected] Software Link: https://textpattern.com/filedownload/113/textpattern-4.8.7.zip Software web: https://textpattern.com/ Tested on: Server: Xampp TextPattern is pron...

Textpattern CMS suffers from a file upload vulnerability (CNVD-2021-34232)

Textpattern CMS is a free open source content management system based on PHP and MySQL. An arbitrary file upload vulnerability exists in Textpattern CMS version 4.8.5, which can be exploited by an attacker to gain control of the server...

Command Execution Vulnerability in Textpattern CMS

Textpattern CMS is a free open source content management system based on PHP and MySQL. Textpattern CMS suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Textpattern Arbitrary File Upload Vulnerability

Textpattern is a free open source content management system based on PHP and MySQL. An arbitrary file upload vulnerability exists in Textpattern version 4.8.4. The vulnerability originates from the plugin upload location in the background without any security verification. An attacker can use thi...

CVE-2021-30209

Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions...

CVE-2021-30209

Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions...

Design/Logic Flaw

Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions...

CVE-2021-30209

Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, potentially leading to system permissions. Affected: Textpattern 4.8.4. Root cause: plugin upload location allows background loading without verifi...

CVE-2021-30209

Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions...

Textpattern Cms 代码问题漏洞

Textpattern is a free open source content management system based on PHP and MySQL. An arbitrary file upload vulnerability exists in Textpattern version 4.8.4. The vulnerability originates from the plugin upload location in the background without any security verification. An attacker can use thi...

Textpattern CMS 4.8.4 - (Comments) Persistent Cross-Site Scripting Vulnerability

Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into Textpattern CMS admin...

Textpattern 4.8.3 - Remote code execution (Authenticated) (2)

Exploit Title: Textpattern 4.8.3 - Remote code execution Authenticated 2 Date: 03/03/2021 Exploit Author: Ricardo Ruiz @ricardojoserf Vendor Homepage: https://textpattern.com/ Software Link: https://textpattern.com/start Version: Previous to 4.8.3 Tested on: CentOS, textpattern 4.5.7 and 4.6.0...

Textpattern CMS 4.8.4 Cross Site Scripting

Exploit Title: Textpattern CMS 4.8.4 - 'Comments' Persistent Cross-Site Scripting XSS Date: 2021-03-04 Exploit Author: Tushar Vaidya Vendor Homepage: https://textpattern.com Software Link: https://textpattern.com/start Version: v 4.8.4 Tested on: Windows Steps-To-Reproduce: 1. Login into...