File upload vulnerability in disk enterprise LCMS (CNVD-2021-43592)

Pan Enterprise LCMS is a lightweight PHP development framework . A file upload vulnerability exists in PanEnterprise LCMS. An attacker can exploit the vulnerability to upload a webshell and gain server privileges...

Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload (Unauthenticated)

Exploit Title: Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload Unauthenticated Google Dork: inurl:/wp-content/plugins/wpdiscuz/ Date: 2021-06-06 Original Author: Chloe Chamberland Exploit Author: Juampa Rodríguez aka UnD3sc0n0c1d0 Vendor Homepage: https://gvectors.com/ Software Link:...

Wordpress wpDiscuz 7.0.4 Plugin - Arbitrary File Upload (Unauthenticated) Exploit

Exploit Title: Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload Unauthenticated Google Dork: inurl:/wp-content/plugins/wpdiscuz/ Original Author: Chloe Chamberland Exploit Author: Juampa Rodríguez aka UnD3sc0n0c1d0 Vendor Homepage: https://gvectors.com/ Software Link:...

Catfish CMS suffers from a file upload vulnerability (CNVD-2021-42363)

Catfish catfish CMS is open source and free PHPCMS web content management system. Catfish CMS has a file upload vulnerability. An attacker can use the vulnerability to upload a webshell and gain server privileges...

WellCMS File Upload Vulnerability

WellCMS is an open source with a billion load, tend to mobile, lightweight, with ultra-fast response ability of high load CMS, is a large amount of data, high concurrency access to the site's best choice of light CMS. has a safe, efficient, stable, ultra-fast speed, super load characteristics. A...

CVE-2020-21005

WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell...

CVE-2020-21005

WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell...

Design/Logic Flaw

WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell...

CVE-2020-21005

WellCMS 2.0 beta3 is vulnerable to File Upload. A user can log in to the CMS background and upload a picture. Because the upload file type is controllable, the user can modify the upload file type to get webshell...

CVE-2020-21005

WellCMS 2.0 beta3 is vulnerable to a file-upload flaw where the upload file type is controllable in the CMS background, enabling an attacker to modify the file type and potentially obtain a webshell. Root cause: incomplete verification of uploaded file types. Impact: webshell capability is implie...

FDCMS File Containment Vulnerability

FDCMS is a PHP-based content management system of Sichuan Method Digital Technology Co. A file inclusion vulnerability exists in FDCMS version 4.0. An attacker can exploit this vulnerability to obtain a webshell in the background via Front/lib/Action/FindexAction.class.php...

WellCMS 代码问题漏洞

WellCMS is an open source with a billion load, tend to mobile, lightweight, with ultra-fast response ability of high load CMS, is a large amount of data, high concurrency access to the site's best choice of light CMS. has a safe, efficient, stable, ultra-fast speed, super load characteristics. A...

CVE-2020-35442

FDCMS also known as Fangfa Content Management System 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php...

CVE-2020-35442

FDCMS also known as Fangfa Content Management System 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php...

Design/Logic Flaw

FDCMS also known as Fangfa Content Management System 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php...

CVE-2020-35442

FDCMS (Fangfa Content Management System) 4.0 is affected by a file inclusion vulnerability in Front/lib/Action/FindexAction.class.php, allowing remote attackers to obtain a webshell in the background. The issue is described across multiple sources (CNVD/CNNVD) as a PHP-based vulnerability in vers...

CVE-2020-35442

FDCMS also known as Fangfa Content Management System 4.0 allows remote attackers to get a webshell in the background via Front/lib/Action/FindexAction.class.php...

Fangfa FDCMS 代码问题漏洞

FDCMS is a PHP-based content management system of Sichuan Method Digital Technology Co. A file inclusion vulnerability exists in FDCMS version 4.0. An attacker can exploit this vulnerability to obtain a webshell in the background via Front/lib/Action/FindexAction.class.php...

File Upload Vulnerability in UFIDA NC Cloud Large Enterprise Digitization Platform

NC Cloud, a large enterprise digitalization platform, deeply applies the new generation of digital technologies to build an open, interconnected, convergent and intelligent integrated cloud platform and other three strategic directions for enterprise digital transformation, and provides 18...

PHP 8.1.0-dev Backdoor Remote Command Execution

!/usr/bin/env python3 Exploit Title: PHP 8.1.0-dev WebShell RCE Unauthenticated Date: 2021-05-31 Exploit Author: Mayank Deshmukh Vendor Homepage: https://www.php.net/ Software Link: https://github.com/vulhub/vulhub/tree/master/php/8.1-backdoor Version: PHP 8.1.0-dev Tested on: Kali GNU/Linux 2020...