2126 matches found
OS Command Injection
intelliants/subrion is vulnerable to OS Command Injection. The vulnerability is due to a lack of sanitization in the hooks system module. An attacker is able to exploit this vulnerability by sending a specially crafted webshell to a vulnerable Subrion installation. The request would contain a...
CVE-2023-4591
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
CVE-2023-4591
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
Remote file inclusion
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
CVE-2023-4591
CVE-2023-4591 affects WPN-XM Serverstack 0.8.6. A local file inclusion flaw in the /tools/webinterface/index.php?page parameter allows an unauthenticated user to load server PHP files, potentially enabling a webshell. The issue is rooted in LFI handling and is described across multiple sources as...
CVE-2023-4591 Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
CVE-2023-4591 Inclusion of Functionality from Untrusted Control Sphere in WPN-XM Serverstack
A local file inclusion vulnerability has been found in WPN-XM Serverstack affecting version 0.8.6, which would allow an unauthenticated user to perform a local file inclusion LFI via the /tools/webinterface/index.php?page parameter by sending a GET request. This vulnerability could lead to the...
WPN-XM Serverstack Security Vulnerability
WPN-XM Serverstack is a server stack from the WPN-XM organization for developing PHP on Windows. A security vulnerability exists in WPN-XM Serverstack version 0.8.6, which stems from the presence of a local file inclusion vulnerability that could result in loading PHP files on the server, which...
PT-2023-29763 · Unknown · Wpn-Xm Serverstack
Name of the Vulnerable Software and Affected Versions: WPN-XM Serverstack version 0.8.6 Description: A local file inclusion issue has been found, allowing an unauthenticated user to perform a local file inclusion via the "/tools/webinterface/index.php?page" parameter by sending a GET request. Thi...
CVE-2022-47893
There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root...
Remote code execution
There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root...
CVE-2022-47893
CVE-2022-47893 : The provided documents describe a remote code execution vulnerability affecting NetMan 204 where an attacker could upload a firmware file containing a webshell to execute arbitrary code as root. Core details: affected product NetMan 204 ; vulnerability via firmware upload; impact...
PT-2023-15521 · Unknown · Netman 204
Name of the Vulnerable Software and Affected Versions: NetMan 204 affected versions not specified Description: The issue is a remote code execution vulnerability. A remote attacker could upload a firmware file containing a webshell, allowing them to execute arbitrary code as root. Recommendations...
SolarView Compact 6.00 Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SolarView Compact unauthenticated remote command execution vulnerability.', 'Description' = %q CONTEC's SolarView™ Series enables you to monitor...
bloofoxCMS File Upload Vulnerability (CNVD-2023-64046)
bloofoxCMS is Bloofox bloofoxCMS individual developers of a Php-based text content management system. A file upload vulnerability exists in bloofoxCMS version 0.5.2.1, which stems from the application's lack of valid validation of uploaded files. The vulnerability can be exploited to execute...
CVE-2020-36082
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module...
Unrestricted file upload
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module...
CVE-2020-36082
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module...
bloofoxCMS 代码问题漏洞
bloofoxCMS is Bloofox bloofoxCMS individual developers of a Php-based text content management system. A file upload vulnerability exists in bloofoxCMS version 0.5.2.1, which stems from the application's lack of valid validation of uploaded files. The vulnerability can be exploited to execute...
CVE-2020-36082
File Upload vulnerability in bloofoxCMS version 0.5.2.1, allows remote attackers to execute arbitrary code and escalate privileges via crafted webshell file to upload module...