Security
Headlines
HeadlinesLatestCVEs

Tag

#php

SolarView Compact 6.00 Code Injection

SolarView Compact version 6.00 suffers from a PHP code injection vulnerability.

Packet Storm
#vulnerability#web#windows#google#php#auth#firefox
Openfire 4.8.0 Code Injection

Openfire version 4.8.0 suffers from authentication bypass and code injection vulnerabilities.

MagnusBilling 6.x Code Injection

MagnusBilling version 6.x suffers from a PHP code injection vulnerability.

Kafka UI 0.7.1 Code Injection

Kafka UI version 0.7.1 suffers from a remote code injection vulnerability.

GL.iNet 4.4.3 Code Injection

GL.iNet version 4.4.3 suffers from authentication bypass and code injection vulnerabilities.

Gibbon School Platform 26.0.00 Code Injection

Gibbon School Platform version 26.0.00 suffers from a PHP code injection vulnerability.

Craft CMS 4.4.14 Code Injection

Craft CMS version 4.4.14 suffers from a PHP code injection vulnerability.

Chamilo 1.11.18 Code Injection

Chamilo version 1.11.18 suffers from a PHP code injection vulnerability.

Artica Proxy 4.40 Code Injection

Artica Proxy version 4.40 suffers from a code injection vulnerability that provides a reverse shell.

ABB Cylon Aspect 3.08.00 (dialupSwitch.php) Remote Code Execution

The ABB BMS/BAS controller suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'MODEM' HTTP POST parameter called by the dialupSwitch.php script.