7 matches found
CVE-2018-25176
Alive Parish 2.0.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the key parameter in the search endpoint. Attackers can also upload arbitrary files via the person photo upload functionality to th...
CVE-2018-25176
Alive Parish 2.0.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the key parameter in the search endpoint. Attackers can also upload arbitrary files via the person photo upload functionality to th...
CVE-2018-25176 Alive Parish 2.0.4 SQL Injection and Arbitrary File Upload
Alive Parish 2.0.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the key parameter in the search endpoint. Attackers can also upload arbitrary files via the person photo upload functionality to th...
PrestaShop 信息泄露漏洞
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. An information disclosure vulnerability exists in PrestaShop versions prior to 1.7.8.8. The vulnerability...
Zenphoto CMS 1.5.7 Shell Upload Vulnerability
Authenticated arbitrary file upload to RCE Product : Zenphoto Affected : Zenphoto CMS - = 1.5.7 Attack Type : Remote login then go to plugins then go to uploader and press on the check box elFinder then press apply , after that you go to upload then FileselFinder drag and drop any malicious php...
Webtareas 2.1p - Arbitrary File Upload (Authenticated)
Exploit Title: Webtareas 2.1p - Arbitrary File Upload Authenticated Author: AppleBois Date: 2020-07-10 Exploit author : AppleBois Vendor Hompage:https://sourceforge.net/projects/webtareas/ Version: 2.1 && 2.1p Tested on: Window 10 64 bit environment || XAMPP Authenticated User allowed to upload...
PHP Scripts Mall Image Sharing Script Directory Traversal Vulnerability
PHP Scripts Mall Image Sharing Script is an image sharing script that can also be used to share digital content such as music, videos, templates and more. A directory traversal vulnerability exists in PHP Scripts Mall Image Sharing Script 1.3.4. This vulnerability can be exploited to achieve...