Exploit for Command Injection in Magnussolution Magnusbilling

CVE-2023-30258 — Magnus Billing v7 Command Injection PoC...

CVE-2025-34134

Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the Business Process Intelligence BPI component. Insufficient validation and sanitization of administrator-controlled BPI configuration parameters notably bpilogfile and bpiconfigfile allow an authenticated...

Dmacroweb DM Corporative CMS 信息泄露漏洞

Dmacroweb DM Corporative CMS is a content management system from the Spanish company Dmacroweb. Dmacroweb DM Corporative CMS suffers from a path disclosure vulnerability that can be exploited by an attacker to view the contents of webroot/file...

emlog path traversal vulnerability (CNVD-2021-39975)

emlog is a powerful blog and CMS builder based on PHP and MySQL. A path traversal vulnerability exists in t/index.php in emlog 5.3.1. An attacker can exploit this vulnerability to view the path to webroot/file...

CVE-2021-3293

emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file...

Path traversal

emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file...

Concrete CMS: FULL PATH DISCLOSUR

Full Path Disclosure FPD vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the loadfile within a SQL Injection query to view the page source, require the attacker to have the full path to the file they wis...

Cyclonic Webmail 4 multiple vulnerabilities

Software: Cyclonic Webmail Version : 4 vendor : Stallion Networking 1. Software description ---------------------- Cyclonic is a webbased interface allowing users to handle emails stored on a POP Server. This software is Freeware 2. Vulnerability description ------------------------- - bypassing...