Tag
#php
SolarView Compact version 6.00 suffers from a PHP code injection vulnerability.
Openfire version 4.8.0 suffers from authentication bypass and code injection vulnerabilities.
MagnusBilling version 6.x suffers from a PHP code injection vulnerability.
Kafka UI version 0.7.1 suffers from a remote code injection vulnerability.
GL.iNet version 4.4.3 suffers from authentication bypass and code injection vulnerabilities.
Gibbon School Platform version 26.0.00 suffers from a PHP code injection vulnerability.
Craft CMS version 4.4.14 suffers from a PHP code injection vulnerability.
Chamilo version 1.11.18 suffers from a PHP code injection vulnerability.
Artica Proxy version 4.40 suffers from a code injection vulnerability that provides a reverse shell.
The ABB BMS/BAS controller suffers from an authenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the 'MODEM' HTTP POST parameter called by the dialupSwitch.php script.