CSZCMS 1.3.0 SSRF / LFI / Remote Code Execution Vulnerabilities
Title: CSZCMS V1.3.0 - SSRF To LFI To Rce Author: Hejap Zairy Vendor: https://sourceforge.net/projects/cszcms/files/install/ Software: https://liquidtelecom.dl.sourceforge.net/project/cszcms/install/CSZCMS-V1.3.0.zip Reference: https://github.com/Matrix07ksa Tested on: Windows, MySQL, Apache 1 -...
CSZCMS 1.3.0 SSRF / LFI / Remote Code Execution
Title: CSZCMS V1.3.0 - SSRF To LFI To Rce Author: Hejap Zairy Date: 07.04.2022 Vendor: https://sourceforge.net/projects/cszcms/files/install/ Software: https://liquidtelecom.dl.sourceforge.net/project/cszcms/install/CSZCMS-V1.3.0.zip Reference: https://github.com/Matrix07ksa Tested on: Windows,...
CVE-2022-27435
An unrestricted file upload at /public/admin/index.php?addproduct of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component...
CVE-2022-28062
Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code...
Unrestricted file upload
An unrestricted file upload at /public/admin/index.php?addproduct of Ecommerce-Website v1.1.0 allows attackers to upload a webshell via the Product Image component...
Design/Logic Flaw
Car Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code...
CVE-2022-28062
CVE-2022-28062 affects Car Rental System v1.0. The vulnerability is an arbitrary file upload via the Add Car component, enabling an attacker to upload a webshell and execute arbitrary code. The provided connected records corroborate this issue across multiple sources; no remediation, patch versio...
CVE-2022-27435
The vulnerability CVE-2022-27435 affects Ecommerce-Website v1.1.0, where an unrestricted file upload in the Product Image component at /public/admin/index.php?add_product enables attackers to upload a webshell. The core issue is lack of file upload restrictions in the admin add_product endpoint, ...
Car Rental System Code Issue Vulnerability
Car Rental System is a car rental system by AMEY THAKUR, an individual developer in India. A security vulnerability exists in Car Rental System v1.0, which stems from a missing file upload restriction in the Add Car component. An attacker can use this vulnerability to upload a webshell and execut...
Ecommerce-Website Code Issue Vulnerability
Ecommerce-Website is a complete e-commerce website with an administration panel built using PHP and MySQL. v1.1.0 of Ecommerce-Website is vulnerable to a file upload vulnerability, which stems from a lack of file upload restrictions in public/admin/index.php?addproduct. The vulnerability is caused...
isic.lk-RCE
Usage python exp.py http://localhost/isic !image-20...
Exploit for Code Injection in Vmware Spring_Framework
SpringFrameworkCVE-2022-22965RCE SpringFramework remote code execution vulnerability CVE...
Exploit for Code Injection in Vmware Spring_Framework
Simple Spring4Shell POC ----------------------- Check if end...
Exploit for Code Injection in Vmware Spring_Framework
Spring Framework RCE exploitation Quick pentest notes...