23 matches found
CVE-2024-1577
A Remote Code Execution vulnerability in MegaBIP software allows execution of arbitrary code on the server without authentication by saving attacker-crafted PHP code to one of the website files. This issue affects MegaBIP software versions through 5.11.2...
CVE-2024-1577
CVE-2024-1577 describes a Remote Code Execution in MegaBIP software, allowing unauthenticated arbitrary code execution by saving attacker-crafted PHP code to a website file. Affected: MegaBIP software versions up to 5.11.2. The connected documents do not provide any further technical details (e.g...
CVE-2024-1577 Remote Code Execution in MegaBIP
A Remote Code Execution vulnerability in MegaBIP software allows execution of arbitrary code on the server without authentication by saving attacker-crafted PHP code to one of the website files. This issue affects MegaBIP software versions through 5.11.2...
GHSA-2C65-RQ62-FQHQ Path traversal in Gitblit
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname)...
Path traversal in Gitblit
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname)...
CVE-2022-31268
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname)...
CVE-2022-31268
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname)...
Path traversal
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname)...
CVE-2022-31268
CVE-2022-31268 affects Gitblit 1.9.3 via a path traversal / local file inclusion flaw exposed at the path /resources//../ (e.g., followed by WEB-INF or META-INF). The incident enables reading website files on the server. Public sources in connected documents also describe risk of unauthorized fi...
CVE-2022-31268
A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname)...
Gitblit Path Traversal Vulnerability
Gitblit is an open source, pure Java Git solution from Gitblit for managing, viewing and provisioning Git repositories. A security vulnerability exists in Gitblit version 1.9.3, which stems from a path traversal issue. An attacker exploiting this vulnerability could read website files...
UCMS arbitrary file reading vulnerability
UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...
UCMS Path Traversal Vulnerability
UCMS is a simple and efficient PHP open source CMS builder system. UCMS v1.6 contains an arbitrary file reading vulnerability, which can be exploited by attackers to directly obtain the contents of website files, and can therefore obtain many confidential documents...
Cross-site Scripting (XSS) - Stored
Description I found a Stored XSS vulnerability at admin page: https://demo.microweber.org/demo/admin/view:settingsoptiongroup=files Proof of Concept Step 1: Go to Settings Website settings Files Step 2: Create new folder with folder name : // Request --------------------------------------- POST...
Arbitrary File Deletion Vulnerability in MetInfo of Changsha Mito Information Technology Co.
MetInfo is mainly used to build enterprise websites, using PHP+MySQL architecture, supporting SQLite database and so on. Changsha Mito Information Technology Co., Ltd MetInfo has an arbitrary file deletion vulnerability, which can be exploited by attackers to delete arbitrary files from the websi...
Arbitrary File Deletion Vulnerability in DSCMS Enterprise Content Management System
DSCMS is a CMS developed by Changsha Deshaun network on the ThinkPHP5.0 framework, using a PHP + MySQL architecture. It is a comprehensive, SEO-friendly, dual-language open source CMS suitable for building enterprise websites. DSCMS enterprise station...
Website Star CMS has multiple vulnerabilities
Ltd. is a first-class Internet application service provider based on cloud computing. There is an arbitrary file name modification, arbitrary file reading vulnerability in the background of CMS. Attackers can use this vulnerability to arbitrarily delete or read website file information, and can n...
SweetRice 1.5.1 - Backup Disclosure Vulnerability
Exploit for php platform in category web applications Title: SweetRice 1.5.1 - Backup Disclosure Application: SweetRice Versions Affected: 1.5.1 Vendor URL: http://www.basic-cms.org/ Software URL: http://www.basic-cms.org/attachment/sweetrice-1.5.1.zip Discovered by: Ashiyane Digital Security Tea...
SweetRice 1.5.1 - Backup Disclosure
Title: SweetRice 1.5.1 - Backup Disclosure Application: SweetRice Versions Affected: 1.5.1 Vendor URL: http://www.basic-cms.org/ Software URL: http://www.basic-cms.org/attachment/sweetrice-1.5.1.zip Discovered by: Ashiyane Digital Security Team Tested on: Windows 10 Bugs: Backup Disclosure Date:...
SweetRice 1.5.1 - Backup Disclosure
SweetRice 1.5.1 - Backup Disclosure Title: SweetRice 1.5.1 - Backup Disclosure Application: SweetRice Versions Affected: 1.5.1 Vendor URL: http://www.basic-cms.org/ Software URL: http://www.basic-cms.org/attachment/sweetrice-1.5.1.zip Discovered by: Ashiyane Digital Security Team Tested on: Windo...