Lucene search
K
ZdtMost viewed

39001 matches found

0day.today
0day.today
added 2019/06/04 12:0 a.m.309 views

Cisco RV130W 1.0.3.44 - Remote Stack Overflow Exploit

!/usr/bin/python Exploit Title: Cisco RV130W Remote Stack Overflow Google Dork: n/a Date: Advisory Published: Feb 2019 Exploit Author: @0x00string Vendor Homepage: cisco.com Software Link: https://www.cisco.com/c/en/us/products/routers/rv130w-wireless-n-multifunction-vpn-router/index.html Version...

10CVSS0.3AI score0.95707EPSS
Exploits15
0day.today
0day.today
added 2018/11/12 12:0 a.m.309 views

Advanced Comment System 1.0 SQL Injection Vulnerability

Exploit for php platform in category web applications 0day.today 2018-11-12...

0.2AI score0.04185EPSS
Exploits5
0day.today
0day.today
added 2009/03/24 12:0 a.m.309 views

PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability

Exploit for unknown platform in category web applications ================================================================== PHPizabi v0.848b C1 HFP1 Remote Privilege Escalation Vulnerability ==================================================================...

7.1AI score
Exploits0
0day.today
0day.today
added 2025/01/01 12:0 a.m.308 views

PHP CPMS 2.0 SQL Injection Vulnerability

Titles: PHP - CPMS Version 2.0 SQLi Author: nu11secur1ty Vendor: https://github.com/oretnom23 Software: https://www.sourcecodester.com/php-clinics-patient-management-system-source-code Reference: https://portswigger.net/web-security/sql-injection Description: The username parameter appears to be...

7.4AI score
Exploits0
0day.today
0day.today
added 2024/06/02 12:0 a.m.308 views

Craft CMS Logs Plugin 3.0.3 - Path Traversal (Authenticated) Vulnerability

Exploit Title: Craft CMS Logs Plugin 3.0.3 - Path Traversal Authenticated Exploit Author: Steffen Rogge Vendor Homepage: https://github.com/ethercreative/logs Software Link: https://plugins.craftcms.com/logs Version: =3.0.4 impact: Medium found: 2021-07-06 SEC Consult Vulnerability Lab An...

4.9CVSS5.2AI score0.13759EPSS
Exploits6
0day.today
0day.today
added 2024/02/11 12:0 a.m.308 views

Rail Pass Management System 1.0 - Time-Based SQL Injection Vulnerability

Exploit Title: Rail Pass Management System - 'searchdata' Time-Based SQL Injection Exploit Author: Alperen Yozgat Vendor Homepage: https://phpgurukul.com/rail-pass-management-system-using-php-and-mysql/ Software Link: https://phpgurukul.com/?sdmprocessdownload=1&downloadid=17479 Version: 1.0 Test...

7.4AI score
Exploits0
0day.today
0day.today
added 2022/12/24 12:0 a.m.308 views

Stock Management System 2022 1.0 From Erick Cesar SQL Injection Vulnerability

Title: Stock-Management-System-2022-1.0-from-Erick-Cesar Multiple SQLi Author: nu11secur1ty Vendor: https://github.com/rickxy/Stock-Management-System Software: https://github.com/rickxy/Stock-Management-System Reference:...

0.4AI score
Exploits0
0day.today
0day.today
added 2022/09/19 12:0 a.m.308 views

PhotoSync 4.7 Local File Inclusion Vulnerability

Exploit Title: PhotoSync 4.7 IOS APP Local file inclusion Exploit Author: Chokri Hammedi Vendor Homepage: https://www.photosync-app.com/home.html Software Link: https://apps.apple.com/us/app/photosync-transfer-photos/id415850124 Version: 4.7 Tested on: iPhone IOS 16.0 GET...

Exploits0
0day.today
0day.today
added 2022/04/07 12:0 a.m.308 views

ICEHRM 31.0.0.0S - Cross-site Request Forgery (CSRF) to Account Deletion Vulnerability

Exploit Title: ICEHRM 31.0.0.0S - Cross-site Request Forgery CSRF to Account Deletion Exploit Author: Devansh Bordia Vendor Homepage: https://icehrm.com/ Software Link: https://github.com/gamonoid/icehrm/releases/tag/v31.0.0.OS Version: 31.0.0.OS Tested on: Windows 10 CVE: CVE-2022-26588 1. About...

6.5CVSS1.1AI score0.0057EPSS
Exploits4
0day.today
0day.today
added 2021/10/21 12:0 a.m.308 views

Small CRM 3.0 - (description) Stored Cross-Site Scripting Vulnerability

Exploit Title: Small CRM 3.0 - 'description' Stored Cross-Site Scripting XSS Exploit Author: Ghuliev Vendor Homepage: https://phpgurukul.com Software Link: https://phpgurukul.com/small-crm-php/ Version: 3.0 Tested on: Server: Ubuntu When a user or admin creates a ticket, we can inject javascript...

Exploits0
0day.today
0day.today
added 2020/02/18 12:0 a.m.308 views

WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress Theme Fruitful 3.8 - Persistent Cross-Site Scripting Dork: intext:"Fruitful theme by fruitfulcode Powered by: WordPress" intext:"Comment" intext:"Leave a Reply" Category : Webapps Software Link:...

7.1AI score
Exploits0
0day.today
0day.today
added 2019/07/03 12:0 a.m.308 views

Symantec DLP 15.5 MP1 - Cross-Site Scripting Vulnerability

Exploit for multiple platform in category web applications Exploit Title: Persistent XSS on Symantec DLP = 15.5 MP1 Exploit Author: Chapman Schleiss Vendor Homepage: https://www.symantec.com/ Software Link: https://support.symantec.com/us/en/mysymantec.html Version: = 15.5 MP1 CVE : 2019-9701...

3.5CVSS5.2AI score0.01763EPSS
Exploits2
0day.today
0day.today
added 2019/04/01 12:0 a.m.308 views

Linux/x86 - XOR Encoder / Decoder execve(/bin/sh) Shellcode (45 bytes)

/ ; XOR-Encoder.py ; Author: Daniele Votta ; Description: This program encode shellcode with XOR technique. ; Tested on: i686 GNU/Linux ; Shellcode Length:25 !/usr/bin/python Python XOR Encoder Execve /bin/sh shellcode...

0.2AI score
Exploits0
0day.today
0day.today
added 2018/03/05 12:0 a.m.308 views

Suricata < 4.0.4 - IDS Detection Bypass Vulnerability

Exploit for multiple platform in category dos / poc ----------------------------------------------------- Vulnerability Type: Detection Bypass Affected Product: Suricata Vulnerable version: SYN Seq=0 Ack= 0 - Evil Server Client ACK Seq=1 Ack= 84 - Evil Server Client - PSH, ACK Seq=1 Ack= 84 - Evi...

5.6AI score0.24712EPSS
Exploits4
0day.today
0day.today
added 2017/11/22 12:0 a.m.308 views

WordPress Yoast SEO Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Discoverer: Elias Dimopoulos Linkedin: https://gr.linkedin.com/in/dimopouloselias Vulnerability: Reflected XSS Affected plugin: Yoast SEO plugin alertwindow.location!-- The victim has to have a valid profile under...

7.1AI score0.01345EPSS
Exploits3
0day.today
0day.today
added 2017/02/21 12:0 a.m.308 views

Tenda N3 Wireless N150 Home Router - Authentication Bypass Vulnerability

Exploit for hardware platform in category web applications Exploit Title: Complete Authentication Bypass In Tenda N3 Wireless N150 Routers Date: 03-09-2015 Software Link: http://tendacn.com/en/product/N150.html Exploit Author: Mandeep Jadon Contact: http://twitter.com/1337tr0lls Website:...

10CVSS0.1AI score0.19065EPSS
Exploits3
0day.today
0day.today
added 2024/10/23 12:0 a.m.307 views

ABB Cylon Aspect 3.08.01 logCriticalLookup.php Unauthenticated Log Disclosure Vulnerability

ABB Cylon Aspect version 3.08.01 suffers from an unauthenticated log information disclosure vulnerability. An unauthorized attacker can reference the affected page and disclose the webserver's log file containing system information running on the device. ABB Cylon Aspect 3.08.01...

7.1AI score
Exploits0
0day.today
0day.today
added 2024/05/19 12:0 a.m.307 views

Wordpress Theme XStore 9.3.8 - SQL injection Vulnerability

Exploit Title: Wordpress Theme XStore 9.3.8 - SQLi Google Dork: N/A Exploit Author: Abdualhadi khalifa https://twitter.com/absholily Version: 5.3.5 Tested on: Windows10 CVE: CVE-2024-33559 Poc POST /?s=%27%3B+SELECT++FROM+wpposts%3B+-- HTTP/1.1 Host: example.com User-Agent: Mozilla/5.0 Windows NT...

9.3CVSS7.1AI score0.03553EPSS
Exploits3
0day.today
0day.today
added 2024/01/29 12:0 a.m.307 views

Typora v1.7.4 - OS Command Injection Vulnerability

Exploit Title: Typora v1.7.4 - OS Command Injection Discovered by: Ahmet Ümit BAYRAM Vendor Homepage: http://www.typora.io Software Link: https://download.typora.io/windows/typora-setup-ia32.exe Tested Version: v1.7.4 latest Tested on: Windows 2019 Server 64bit Steps to Reproduce Open the...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/10/09 12:0 a.m.307 views

Ruijie Reyee Mesh Router - MITM Remote Code Execution Exploit

Exploit Title: Ruijie Reyee Wireless Router firmware version B11P204 - MITM Remote Code Execution RCE Date: April 15, 2023 Exploit Author: Mochammad Riyan Firmansyah of SecLab Indonesia Vendor Homepage: https://ruijienetworks.com Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/06/26 12:0 a.m.307 views

Microsoft 365 MSO (Version 2305 Build 16.0.16501.20074) 64-bit Remote Code Execution Vulnerability

Title: Microsoft 365 MSO Version 2305 Build 16.0.16501.20074 64-bit Remote Code Execution Vulnerability Author: nu11secur1ty Date: 04.17.2023 Vendor: https://www.microsoft.com/ Software: https://www.microsoft.com/en-us/microsoft-365/ Reference:...

7.8CVSS7.8AI score0.03011EPSS
Exploits4
0day.today
0day.today
added 2023/06/12 12:0 a.m.307 views

Anevia Flamingo XL 3.6.20 Authenticated Root Remote Code Execution Vulnerability

Anevia Flamingo XL version 3.6.20 suffers from an authenticated remote code execution vulnerability. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges. Anevia Flamingo XL 3.6.20 Authenticated Root Remote Code Execution...

8.4AI score
Exploits0
0day.today
0day.today
added 2023/05/31 12:0 a.m.307 views

Flexense HTTP Server 10.6.24 - Buffer Overflow Exploit

Exploit Title: Flexense HTTP Server 10.6.24 - Buffer Overflow DoS Metasploit Exploit Author: Ege Balci Vendor Homepage: https://www.flexense.com/downloads.html Version: 'Flexense HTTP Server Denial Of Service', 'Description' = %q This module triggers a Denial of Service vulnerability in the...

7.5CVSS7.6AI score0.76544EPSS
Exploits6
0day.today
0day.today
added 2023/04/20 12:0 a.m.307 views

Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution Exploit

!/usr/bin/env python """ Exploit Title: Lilac-Reloaded for Nagios 2.0.8 - Remote Code Execution RCE Exploit Author: max / Zoltan Padanyi Vendor Homepage: https://exchange.nagios.org/directory/Addons/Configuration/Lilac-2DReloaded/visit Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/03/28 12:0 a.m.307 views

BoxBilling <= 4.22.1.5 - Remote Code Execution Vulnerability

Exploit Title: BoxBilling POC Video : https://drive.google.com/file/d/1m2glCeJ9QXc8epuY2QfvbWwjLTJ8Hjx/view?usp=sharing...

7.2CVSS7AI score0.44002EPSS
Exploits7
0day.today
0day.today
added 2022/11/21 12:0 a.m.307 views

Boa Web Server 0.94.13 / 0.94.14 Authentication Bypass Exploit

Boa Web Server versions 0.94.13 through 0.94.14 fail to validate the correct security constraint on the HEAD HTTP method allowing everyone to bypass the Basic Authorization mechanism. Exploit Title: Boa Web Server 0.94.13-0.94.14 Authentication Bypass Date: 19-11-2022 Exploit Author: George...

0.3AI score
Exploits0
0day.today
0day.today
added 2022/04/07 12:0 a.m.307 views

binutils 2.37 - Objdump Segmentation Fault Vulnerability

Exploit Title: binutils 2.37 - Objdump Segmentation Fault Exploit Author: p3tryx Vendor Homepage: https://www.gnu.org/software/binutils/ Version: binutils 2.37 Tested on: Ubuntu 18.04 CVE : CVE-2021-43149 Payload file %223"\972\00\0083=Q333A11111111411111333333A $$$\FF$\80 1114...

6.8AI score
Exploits3
0day.today
0day.today
added 2022/03/02 12:0 a.m.307 views

Car Driving School Management 1.0 SQL Injection Vulnerability

Title: Car Driving School Management v1.0 SQLi Author: nu11secur1ty Vendor: https://www.sourcecodester.com/users/tips23 Software: https://www.sourcecodester.com/php/15070/car-driving-school-management-system-phpoop-free-source-code.html Reference:...

9.8CVSS1.3AI score0.01613EPSS
Exploits3
0day.today
0day.today
added 2021/10/01 12:0 a.m.307 views

MiniOrange SAML Drupal Module 8.x-2.22 Privilege escalation via XML Signature Wrapping Vulnerability

Exploit Title: Drupal Module MiniorangeSAML 8.x-2.22 - Privilege escalation via XML Signature Wrapping Exploit Author: Cristian 'void' Giustini Vendor Homepage: https://www.miniorange.com/ Software Link: https://www.drupal.org/project/miniorangesaml Version: 8.x-2.22 REQUIRED Tested on: Linux...

0.7AI score
Exploits0
0day.today
0day.today
added 2021/04/07 12:0 a.m.307 views

Ignition 2.5.1 Remote Code Execution Exploit

Ignition versions prior to 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel versions prior to 8.4.2. Exploit...

9.8CVSS0.8AI score0.99943EPSS
Exploits36
0day.today
0day.today
added 2020/08/20 12:0 a.m.307 views

PNPSCADA 2.200816204020 - (interf) SQL Injection (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: PNPSCADA 2.200816204020 - 'interf' SQL Injection Authenticated Exploit Author: İsmail ERKEK Vendor Homepage: http://wiki.pnpscada.com/forumHome.jsp Version: 2.200816204020 Tested on: - 1. Description: ----------------------...

0.6AI score
Exploits0
0day.today
0day.today
added 2020/04/18 12:0 a.m.307 views

Prestashop 1.7.6.4 XSS / CSRF / Remote Code Execution Vulnerabilities

Exploit for php platform in category web applications Prestashop | stazot.com Last Modified: 2020-04-11 Vendor : https://www.prestashop.com/ Version : = 1.7.6.4 Tested on : 1.7.6.4 -- Table of Contents 00 - Introduction 01 - Exploit 02 - Cross-Site Request Forgery CSRF 02.1 - Exploitation 03 -...

0.2AI score
Exploits0
0day.today
0day.today
added 2019/04/15 12:0 a.m.307 views

CuteNews 2.1.2 - avatar Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "CuteNews 2.1.2 - 'avatar' Remote Code Execution", 'Description' = %q This module exploits a command execution vulnerability in CuteNews prior to...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/11/14 12:0 a.m.307 views

ClipperCMS 1.3.3 - Cross-Site Request Forgery (File Upload) Vulnerability

Exploit for php platform in category web applications Exploit Title: ClipperCMS 1.3.3 File Upload CSRF Vulnerability Exploit Author: Ameer Pornillos Website: http://ethicalhackers.club Vendor Homepage: http://www.clippercms.com/ Software Link:...

0.4AI score0.02962EPSS
Exploits5
0day.today
0day.today
added 2015/12/01 12:0 a.m.307 views

Centos 7.1 / Fedora 22 - abrt Local Root Exploit

CentOS version 7.1 and Fedora version 22 abrt local root exploit. It leverages abrt-hook-ccpp insecure open usage and abrt-action-install-debuginfo insecure temp directory usage. !/usr/bin/python CVE-2015-5273 + CVE-2015-5287 CENTOS 7.1/Fedora22 local root probably works on SL and older versions...

6.9CVSS6.2AI score0.03268EPSS
Exploits18
0day.today
0day.today
added 2006/12/09 12:0 a.m.307 views

TorrentFlux 2.2 (downloaddetails.php) Local File Disclosure Exploit

Exploit for unknown platform in category web applications =================================================================== TorrentFlux 2.2 downloaddetails.php Local File Disclosure Exploit =================================================================== Description: TorrentFlux fails to...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/12/07 12:0 a.m.306 views

Winter CMS 1.2.2 / 1.2.3 Server-Side Template Injection Vulnerability

Exploit Title: Winter CMS 1.2.2 / 1.2.3 - Server-Side Template Injection SSTI Authenticated Exploit Author: tmrswrr Date: 12/05/2023 Vendor: https://wintercms.com/ Software Link: https://github.com/wintercms/winter/releases/v1.2.2 Vulnerable Versions: 1.2.2 / 1.2.3 Tested :...

7.4AI score
Exploits0
0day.today
0day.today
added 2023/10/02 12:0 a.m.306 views

Electrolink FM/DAB/TV Transmitter (Login Cookie) Authentication Bypass Vulnerability

Electrolink FM/DAB/TV Transmitter suffers from an authentication bypass vulnerability affecting the Login Cookie. An attacker can set an arbitrary value except NO to the Login Cookie and have full system access. Electrolink FM/DAB/TV Transmitter Login Cookie Authentication Bypass Vendor:...

7.7AI score
Exploits0
0day.today
0day.today
added 2023/05/31 12:0 a.m.306 views

Lost And Found Information System 1.0 Broken Access Control / Privilege Escalation Vulnerability

Vulnerability: Broken Access Control Author: Akash Pandey CVE: CVE-2023-3018 Source: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Steps to re-produce: 1. Go to https://site.com/admin/?page=user/list as staff user...

8.8CVSS7.1AI score0.00735EPSS
Exploits3
0day.today
0day.today
added 2023/05/19 12:0 a.m.306 views

ChurchCRM 4.5.4 Cross Site Scripting Vulnerability

Exploit Title: ChurchCRM v4.5.4 - Reflected XSS via Image Authenticated Exploit Author: Rahad Chowdhury Vendor Homepage: http://churchcrm.io/ Software Link: https://github.com/ChurchCRM/CRM/releases/tag/4.5.4 Version: 4.5.4 Tested on: Windows 10, PHP 7.4.29, Apache 2.4.53 CVE: CVE-2023-31699 Step...

4.8CVSS7.1AI score0.01508EPSS
Exploits3
0day.today
0day.today
added 2023/04/20 12:0 a.m.306 views

GDidees CMS 3.9.1 - Local File Disclosure Vulnerability

Exploit Title: GDidees CMS 3.9.1 - Local File Disclosure Exploit Author : Hadi Mene Vendor Homepage : https://www.gdidees.eu/ Software Link : https://www.gdidees.eu/cms-1-0.html Version : 3.9.1 and earlier Tested on : Debian 11 CVE : CVE-2023-27179 Summary: GDidees CMS v3.9.1 and lower versions w...

7.5CVSS7.6AI score0.60793EPSS
Exploits4
0day.today
0day.today
added 2023/04/19 12:0 a.m.306 views

VMware Workspace ONE Access Privilege Escalation Exploit

This Metasploit module exploits CVE-2022-22960 which allows the user to overwrite the permissions of the certproxyService.sh script so that it can be modified by the horizon user. This allows a local attacker with the uid 1001 to escalate their privileges to root access. This module requires...

7.8CVSS8.5AI score0.37171EPSS
Exploits8
0day.today
0day.today
added 2023/04/03 12:0 a.m.306 views

Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free Shellcode 373 bytes

; Title: Name: Windows/x86 - Create Administrator User / Dynamic PEB & EDT method null-free Shellcode 373 bytes ; Author: Xavi Beltran ; Contact: email protected ; Website: https://xavibel.com/2023/01/18/shellcode-windows-x86-create-administrator-user-dynamic-peb-edt/ ; Date: 18/01/2022 ; Tested...

7.1AI score
Exploits0
0day.today
0day.today
added 2023/03/28 12:0 a.m.306 views

Google Chrome 109.0.5414.74 Unsafe Library Load Vulnerability

Google Chrome version 109.0.5414.74 on Ubuntu attempts to load libnssckbi.so from a user-writable location and if missing, a replacement piece of malware can be used by an attacker to achieve code execution. Although privilege escalation is not likely as an attacker would already need access to t...

7.7AI score
Exploits0
0day.today
0day.today
added 2022/04/07 12:0 a.m.306 views

Kramer VIAware - Remote Code Execution Exploit

Exploit Title: Remote Code Execution as Root on KRAMER VIAware Exploit Author: sharkmoos Vendor Homepage: https://www.kramerav.com/ Software Link: https://www.kramerav.com/us/product/viaware Version: Tested on: ViaWare Go Linux CVE : CVE-2021-35064, CVE-2021-36356 import sys, urllib3 from request...

9.8CVSS0.2AI score0.70753EPSS
Exploits6
0day.today
0day.today
added 2022/02/22 12:0 a.m.306 views

ScadaFlex II SCADA Controllers SC-1/SC-2 1.03.07 Remote File Modification Exploit

ICL ScadaFlex II SCADA Controllers SC-1/SC-2 version 1.03.07 is vulnerable to unauthenticated file write/overwrite and deletion. This allows an attacker to execute critical file CRUD operations on the device that can potentially allow system access and impact availability. !/usr/bin/env python3 -...

9.1CVSS0.8AI score0.37295EPSS
Exploits5
0day.today
0day.today
added 2022/01/13 12:0 a.m.306 views

Hospitals Patient Records Management System 1.0 - (room_list) Stored XSS Vulnerability

Exploit Title: Hospitals Patient Records Management System 1.0 - 'roomlist' Stored Cross Site Scripting XSS Exploit Author: Sant268 Vendor Homepage: https://www.sourcecodester.com/ Software Link:...

7.4AI score
Exploits0
0day.today
0day.today
added 2021/11/02 12:0 a.m.307 views

Ericsson Network Location MPS GMPC21 - Remote Code Execution Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Ericsson Network Location MPS - Restrictions Bypass RCE Meow Variant', 'Description' = %q This module exploits an arbitrary command execution...

7.1AI score
Exploits0
0day.today
0day.today
added 2020/12/17 12:0 a.m.306 views

Oracle Solaris SunSSH PAM parse_user_name() Buffer Overflow Exploit

This Metasploit module exploits a stack-based buffer overflow in the Solaris PAM library's username parsing code, as used by the SunSSH daemon when the keyboard-interactive authentication method is specified. Tested against SunSSH 1.1.5 on Solaris 10u11 1/13 x86 in VirtualBox, VMware Fusion, and...

10CVSS9.9AI score0.80291EPSS
Exploits13
0day.today
0day.today
added 2012/10/29 12:0 a.m.306 views

Joomla Component com_jce remote Code Injecion / Execution Exploit (perl)

JCE component for Joomla! could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions by the file.php script. By sending a specially-crafted HTTP request, a remote attacker could exploit this vulnerability to upload a malicious PHP...

7.6AI score
Exploits0
Total number of security vulnerabilities5000