Grav CMS Remote Code Execution Vulnerability

Grav CMS is Grav open source a flat file-based content management system . Grav CMS suffers from a remote code execution vulnerability that originates from allowing authenticated administrators to upload malicious plugins via the admin/tools/direct-install interface, which can be exploited by an...

fuadmin vulnerable to insecure file upload

funadmin v3.3.2 and v3.3.3 are vulnerable to insecure file upload via the plugins install...

CVE-2023-36097

funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install...

HisiPHP 代码问题漏洞

HisiPHP is a set of rapid development framework based on ThinkPHP and Layui, which integrates permission management, module management, plugin management and database management and other functions. A security vulnerability exists in HisiPHP 2.0.11 via a special packet constructed in...

PT-2022-12270

Name of the Vulnerable Software and Affected Versions LimeSurvey version 5.2.4 Description A Remote Code Execution RCE issue exists via the upload and install plugins function, which could let a remote malicious user upload an arbitrary PHP code file. Recommendations For LimeSurvey version 5.2.4,...