10 matches found
CVE-2019-9612
CVE-2019-9612 affects OFCMS before 1.1.3. The issue arises in the backend file upload handling: blocking of .jsp/.jspx files fails to consider file.jsp::$DATA within the admin/comn/service/upload URI, enabling remote attackers to execute arbitrary code. This is a remote code execution vulnerabili...
CVE-2019-9616
The CVE-2019-9616 issue affects OFCMS prior to version 1.1.3. The vulnerability arises from blocking of .jsp and .jspx files not accounting for file.jsp::$DATA in the admin/ueditor/uploadScrawl URI, enabling a remote attacker to execute arbitrary code. Affected component: OFCMS backend upload han...
CVE-2019-9609
CVE-2019-9609 affects OFCMS prior to 1.1.3. The issue arises because blocking of .jsp/.jspx files does not account for file.jsp::$DATA when targeting the admin/comn/service/editUploadImage URI, enabling remote attackers to execute arbitrary code. Product: OFCMS; version: before 1.1.3; component: ...
CVE-2019-9608
CVE-2019-9608 affects OFCMS prior to 1.1.3. The vulnerability arises in the backend ueditor/uploadImage path where blocking of .jsp/.jspx files does not account for file.jsp::$DATA, enabling remote attackers to execute arbitrary code. Public references in CNVD, NVD and Red Hat records corroborate...
CVE-2019-9611
CVE-2019-9611 affects OFCMS prior to 1.1.3. The issue enables a directory traversal via the admin/cms/template/getTemplates.html?res_path=res parameter, allowing ../ in dir to write arbitrary content (file_content) to an arbitrary file (file_name). Root cause: save function in TemplateController....
CVE-2019-9613
CVE-2019-9613 affects OFCMS prior to 1.1.3. The issue arises in the backend ueditor/uploadVideo handling where blocking of .jsp and .jspx files fails to consider file.jsp::$DATA, enabling remote attackers to execute arbitrary code via the admin/ueditor/uploadVideo URI. Documents consistently desc...
CVE-2019-9614
CVE-2019-9614 affects OFCMS prior to 1.1.3. A command injection vulnerability exists in a template file that uses ${ ex('') }, enabling execution of arbitrary commands. Multiple connected sources corroborate this flaw and specify that the vulnerability arises from a Freemarker-based template mec...
CVE-2019-9617
CVE-2019-9617 affects OFCMS prior to 1.1.3. The issue is a remote code execution vector where blocking of *.jsp and *.jspx files does not consider file.jsp::$DATA in the admin/ueditor/uploadFile URI, enabling arbitrary code execution. The connected sources confirm the affected product/version and...
CVE-2019-9610
OFCMS prior to 1.1.3 is affected by a directory traversal in getTemplates.html exposed through admin/cms/template/getTemplates.html?res_path=res&up_dir=../, related to TemplateController.java. The vulnerability allows traversal of directories via the up_dir parameter, as described across CVE/comm...
CVE-2019-9615
CVE-2019-9615 affects OFCMS prior to 1.1.3. The backend SQL injection is reachable via admin/system/generate/create?sql= and is attributed to SystemGenerateController.java. The vulnerability allows injection through the SQL parameter, enabling a attacker-controlled query that could impact data in...