SPIP BigUp version 4.3.1 suffers from a remote PHP code injection vulnerability.
96ef343134222af92ba1ed0f8190e233e165263a1824d6f93b058f803eb81603
SPIP BigUp version 4.2.15 suffers from a remote PHP code injection vulnerability.
b87a54430f27e47a10de7366a28ed08bc4395479f68b430b14e8107c3c0bee0b
Prison Management System version 1.0 suffers from a PHP code injection vulnerability.
6f0c4d0c2b30b067997ee3da24377eec3ac2089defddc71f84d051b385d7de50
SPIP BigUp version 4.1.17 suffers from a remote PHP code injection vulnerability.
3f74e15842234faecbfd3d61add6733355d33551d131bf6b8c351284b2d939f8
Debian Linux Security Advisory 5771-1 - Fabien Potencier discovered that under some conditions the sandbox mechanism of Twig, a template engine for PHP, could by bypassed.
1049496f29954214697205ebd4565fdbae36dcd02f1494f9dedfe7f85844e0dc
SPIP BigUp version 4.0 suffers from a remote PHP code injection vulnerability.
d265e3f12c70a2ce14755cd47abbb9cb0a47576f4669c7d7fe0c1db3d2cf9b7e
Online Student Grading System version 1.0 suffers from a remote PHP code injection vulnerability.
ee460721bce9e6abdaea812c124c2b59bd8c93354b78393df06b27cb28539092
Old Age Home Management System version 1.0 suffers from a remote PHP code injection vulnerability.
2956369607635036343c4a4a8e93211491c1beb8cca01c7a09a83394f97628dd
Membership Management System version 1.0 suffers from a remote PHP code injection vulnerability.
6e0de45243e9e524440fd167d97fbd6689974293e7f4773985cd70c38b24fe08
Live Membership Management System version 1.0 suffers from a remote PHP code injection vulnerability.
d31e0399ea428f2faae88e7a10f0f7ac944b8c2f78ece809d9c3be28459cf5b0
Men Salon Management System version 2.0 suffers from a php code injection vulnerability.
16f109978dab4dd654ee4cf808111eef9a65cfb018b4dd430500f6c941a7322c
Auto/Taxi Stand Management System version 1.0 suffers from a php code injection vulnerability.
1e0b4094b37e8533f3a72e374f0e297723b05a67a6a446f3a2c4f4ba0aa4bdb2
This Metasploit module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP. The vulnerability lies in the lister_fichiers_par_champs function, which is triggered when the bigup_retrouver_fichiers parameter is set to any value. By exploiting the improper handling of multipart form data in file uploads, an attacker can inject and execute arbitrary PHP code on the target server. This critical vulnerability affects all versions of SPIP from 4.0 up to and including 4.3.1, 4.2.15, and 4.1.17. It allows unauthenticated users to execute arbitrary code remotely via the public interface. The vulnerability has been patched in versions 4.3.2, 4.2.16, and 4.1.18.
470929e92864600915a7773675e61c23486f09b86f3d05d72951628b436ed7c0
Nipah Virus Testing Management System version 1.0 suffers from a php code injection vulnerability.
1d5d8ecfee17bb9d29a68547de9e3007c6fb30acdff37b24dca3f23a371620dd
Emergency Ambulance Hiring Portal version 1.0 suffers from a php code injection vulnerability.
a9602dbf2dcb3e61aff1d2d0fb60dd2cce4318e79d2ebd423c56f43a95c5c275
COVID19 Testing Management System version 1.0 suffers from a php code injection vulnerability.
81883da23094b5c57395049ea06aa7068f785e862d3a4b82429dae396025a5e9
BP Monitoring Management System version 1.0 suffers from a php code injection vulnerability.
7d0200096ccae9af066f1ebc1535a7bf1f3ece0cde52cfc5f532d21d370bd831
Art Gallery Management System version 1.0 suffers from a php code injection vulnerability.
b19faa3bd593c77aadffed902c2a89af0262656a3ea584a12c74dc6dc625dca5
Ubuntu Security Notice 6841-2 - USN-6841-1 fixed a vulnerability in PHP. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PHP could early return in the filter_var function resulting in invalid user information being treated as valid user information. An attacker could possibly use this issue to expose raw user input information.
d170b8e7f8f92515ffeb2d3bd1921abc8a3d13ffd05345330e4edb30169de83a
This Metasploit module exploits several authenticated SQL Inject vulnerabilities in VICIdial 2.14b0.5 prior to svn/trunk revision 3555 (VICIBox 10.0.0, prior to January 20 is vulnerable). Injection point 1 is on vicidial/admin.php when adding a user, in the modify_email_accounts parameter. Injection point 2 is on vicidial/admin.php when adding a user, in the access_recordings parameter. Injection point 3 is on vicidial/admin.php when adding a user, in the agentcall_email parameter. Injection point 4 is on vicidial/AST_agent_time_sheet.php when adding a user, in the agent parameter. Injection point 5 is on vicidial/user_stats.php when adding a user, in the file_download parameter. VICIdial does not encrypt passwords by default.
ee13ad5d4ae7546320169435916f3c9bac21c75f6a3c00a761a80c9d13b3d3b5
Icingaweb versions from 2.9.0 to 2.9.5 inclusive, and 2.8.0 to 2.8.5 inclusive suffer from an unauthenticated directory traversal vulnerability. The vulnerability is triggered through the icinga-php-thirdparty library, which allows unauthenticated users to retrieve arbitrary files from the targets filesystem via a GET request to /lib/icinga/icinga-php-thirdparty/<absolute path to target file on disk> as the user running the Icingaweb server, which will typically be the www-data user. This can then be used to retrieve sensitive configuration information from the target such as the configuration of various services, which may reveal sensitive login or configuration information, the /etc/passwd file to get a list of valid usernames for password guessing attacks, or other sensitive files which may exist as part of additional functionality available on the target server. This Metasploit module was tested against Icingaweb 2.9.5 running on Docker.
cdc69a4bccff0e05ac6725d9eb18225432bfef742c18d90b549db0f05b86206e
This Metasploit module exploits a directory traversal vulnerability found in Bitweaver. When handling the overlay_type parameter, view_overlay.php fails to do any path checking/filtering, which can be abused to read any file outside the virtual directory.
75260c8739219589832630db597ad076c6fa9dee26583aeb19f2537f54e959f0
This Metasploit module exploits a bypass issue with WPS Hide Login versions less than or equal to 1.9. WPS Hide Login is used to make a new secret path to the login page, however a GET request to /wp-admin/options.php with a referer will reveal the hidden path.
cf0e23084f88d35da4dd2286627bbd0801ca437e1cdded439cd94d23e28d6ab9
This Metasploit module attempts to bruteforce the chinese caidao asp/php/aspx backdoor.
60088f8d003987fa40a7002f9f668383b9ab73531f528efc470f1246253bee90
The iDangero.us Chop Slider 3 WordPress plugin version 3.4 and prior contains a blind SQL injection in the id parameter of the get_script/index.php page. The injection is passed through GET parameters, and thus must be encoded, and magic_quotes is applied at the server.
c40d3f2150f043263d7f5b593f87cd6eb6ed9507f109b3c2713e5d016de691c2