![]() ![]() The exploit has been disclosed to the public and may be used. The manipulation leads to improper access controls. This issue affects some unknown processing of the file /php_action/createUser.php. The exploit has been disclosed to the public and may be used.Ī vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. It is possible to launch the attack remotely. The manipulation of the argument userName with the input lala leads to cross site scripting. Affected is an unknown function of the file /php_action/createUser.php. The additional flags can be used to perform a command injection.Ī vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. When calling the isRemoteUrlReadable($url, array $refs = NULL) function, both the url and refs parameters are passed to the git ls-remote subcommand in a way that additional flags can be set. The package czproject/git-php before 4.0.3 are vulnerable to Command Injection via git argument injection. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release. The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. ![]() WoWonder The Ultimate PHP Social Network Platform v4.0.0 was discovered to contain an access control issue which allows unauthenticated attackers to arbitrarily change group ID names. php to be a valid image file type).Ĭontao Managed Edition v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the component php_cli parameter. VikBooking Hotel Booking Engine & PMS plugin Media Manager>Images settings can be changed by an administrator (e.g., by configuring. Online Banking System in PHP v1 was discovered to contain multiple SQL injection vulnerabilities at /staff_login.php via the Staff ID and Staff Password parameters.Īrbitrary File Upload leading to RCE in E4J s.r.l. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file. Typemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. SCBS Online Sports Venue Reservation System v1.0 was discovered to contain a local file inclusion vulnerability which allow attackers to execute arbitrary code via a crafted PHP file. php file in the src:url field of an Cascading Style Sheets (CSS) statement (within an HTML input file).Ī cross-site scripting (XSS) vulnerability in PHP MySQL Admin Panel Generator v1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected at /edit-db.php. ![]() The Ninja Forms Contact Form WordPress plugin before 3.6.13 unserialises the content of an imported file, which could lead to PHP object injections issues when an admin import (intentionally or not) a malicious file and a suitable gadget chain is present on the blog.Ī PHP injection vulnerability in Spip before v3.2.8 allows attackers to execute arbitrary PHP code via the _oups parameter at /ecrire.Īn arbitrary file upload vulnerability in UCMS v1.6 allows attackers to execute arbitrary code via a crafted PHP file.ĭompdf 1.2.1 allows remote code execution via a. There are currently no known workarounds. Sites that cannot fully trust template authors should upgrade to versions 3.1.45 or 4.1.1 to receive a patch for this issue. Prior to versions 3.1.45 and 4.1.1, template authors could inject php code by choosing a malicious file name. Smarty is a template engine for PHP, facilitating the separation of presentation (HTML/CSS) from application logic. As a workaround, turn off the cookie middleware. Guzzle versions 6.5.6 and 7.4.3 contain a patch for this issue. Moreover, those who do not use the same Guzzle client to call multiple domains and have disabled redirect forwarding are not affected by this vulnerability. Modern Campus Omni CMS (formerly OU Campus) 10.2.4 allows login-page SQL injection via a '" OR 1 = 1 -, true] are affected. In Exam Reviewer Management System 1.0, an authenticated attacker can upload a web-shell php file in profile page to achieve Remote Code Execution (RCE). ![]()
0 Comments
Leave a Reply. |