821 matches found
ThinkPHP 5.0.23 Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ThinkPHP Multiple PHP Injection RCEs', 'Description' = %q This module exploits one of two PHP injection vulnerabilities in the ThinkPHP web...
ThinkPHP Multiple PHP Injection RCEs
This module exploits one of two PHP injection vulnerabilities in the ThinkPHP web framework to execute code as the web user. Versions up to and including 5.0.23 are exploitable, though 5.0.23 is vulnerable to a separate vulnerability. The module will automatically attempt to detect the version of...
115CMS suffers from XSS vulnerability
115CMS is a content management system developed with ThinkPHP framework. 115CMS suffers from an XSS vulnerability that can be exploited by attackers to execute malicious scripts and obtain administrator cookies...
ThinkPHP suffers from SQL injection vulnerability (CNVD-2020-25573)
ThinkPHP is developed and maintained by the Shanghai Top Thinking company MVC structure of the open-source PHP framework. ThinkPHP suffers from a SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
File Upload Vulnerability in kitecms 5.1.38
KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP5.1. version of the development , suitable for individuals, enterprises to quickly build stations and development needs. kitecms 5.1.38 file upload vulnerability , attackers can use the vulnerabili...
File upload vulnerability in kitecms 5.1.38 (CNVD-2020-27921)
KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP5.1. version of the development , suitable for individuals, enterprises to quickly build stations and development needs. kitecms 5.1.38 file upload vulnerability , attackers can exploit the...
Arbitrary File Read Vulnerability in kitecms 5.1.38
KiteCMS open source web content management system CMS, the system is based on the framework ThinkPHP5.1. version of the development , suitable for individuals, enterprises to quickly build stations and development needs. kitecms 5.1.38 there is an arbitrary file reading vulnerability , attackers...
Myucms 2.2.4 suffers from an arbitrary file deletion vulnerability (CNVD-2020-27932)
MyuCMS open source content management system developed using ThinkPHP community mall aggregation, plug-ins, templates, lightweight and fast easy to expand. Myucms 2.2.4 version of the arbitrary file deletion vulnerability exists . Attackers can use the vulnerability to damage and reload the syste...
Myucms 2.2.4 suffers from arbitrary file deletion vulnerability (CNVD-2020-27933)
MyuCMS open source content management system developed using ThinkPHP community mall aggregation, plug-ins, templates, lightweight and fast easy to expand. Myucms 2.2.4 version of the arbitrary file deletion vulnerability exists . Attackers can use the vulnerability to damage and reload the syste...
XSS vulnerability in 115CMS frontend
115CMS is an open source content management system developed with ThinkPHP framework. 115CMS has an XSS vulnerability in the frontend, which can be exploited by attackers to obtain sensitive information such as user cookies...
JunAms content management system suffers from a file upload vulnerability (CNVD-2020-24741)
JunAMS is an open source content management system with ThinkPHP as its framework. JunAMS content management system has a file upload vulnerability that can be exploited by an attacker to upload a webshell and gain server privileges...
JunAms content management system suffers from a file upload vulnerability (CNVD-2020-24739)
JunAMS is an open source content management system with ThinkPHP as its framework. JunAMS content management system has a file upload vulnerability that can be exploited by an attacker to write a webshell and gain server privileges...
JunAms content management system suffers from SQL injection vulnerability (CNVD-2020-24743)
JunAMS is an open source content management system with ThinkPHP as its framework. The JunAMS content management system suffers from a SQL injection vulnerability that can be exploited by attackers to obtain database information...
JunAms content management system suffers from a file upload vulnerability (CNVD-2020-24740)
JunAMS is an open source content management system with ThinkPHP as its framework. JunAMS content management system has a file upload vulnerability that can be exploited by an attacker to upload a webshell and gain server privileges...
File Upload Vulnerability in Guojiz Integrated Content Management System V1.2
Guojiz integrated content management system is a domestic open source light navigation system program, based on ThinkPHP5 development, support for plug-in extensions, support for template extensions. Guojiz integrated content management system V1.2 file upload vulnerability , attackers can use th...
SQL Injection Vulnerability in CloudYou CMS Ma***.php File
CloudYou CMS is a free + open source urban substation content management system based on TP5.0 framework as the core development. CloudUnion CMS Ma.php file SQL injection vulnerability. Attackers can use the vulnerability to obtain database sensitive information...
File upload vulnerability in CLTPHP backend
CLTPHP is a content management system based on ThinkPHP5 development with Layui framework in the backend. A file upload vulnerability exists in the CLTPHP backend. An attacker can exploit the vulnerability to write php files and gain server privileges...
115CMS suffers from a file upload vulnerability (CNVD-2020-20191)
115CMS is a content management system developed with ThinkPHP framework. 115CMS suffers from a file upload vulnerability that can be exploited by attackers to gain control of a web server...
115CMS suffers from a file upload vulnerability (CNVD-2020-21044)
115CMS is a content management system developed with ThinkPHP framework. 115CMS suffers from a file upload vulnerability that can be exploited by attackers to gain control of a web server...
Command Execution Vulnerability in RGCMS
RuiGu information management system RGCMS is a set of open source building management system, using PHP language, written in the framework of Thinkphp5.1.+, the database using MYSQL database. RGCMS has a command execution vulnerability that can be exploited by attackers to gain control of the web...