The ABB Cylon Aspect version 3.07.00 BMS/BAS controller suffers from an unauthenticated OS command injection vulnerability. This can be exploited to inject and execute arbitrary shell commands through the host HTTP GET parameter called by networkDiagAjax.php script.
8123a5d0a4c6fa336d0b765079abb5168cf0f686b24baa715db1e55915f315fePHP SPM version 1.0 suffers from a PHP code injection vulnerability.
42eadddca12393ee271fabcce4e022f9356f7034e6fb3c8f39890de24c8c2b65PHP ACRSS version 1.0 suffers from a PHP code injection vulnerability.
9a020e5f43760ba811c1702f617a4ccf04426dfe0e6f358f368a57c7bd6f3a92Traccar version 5.1 suffers from a PHP code injection vulnerability.
5595b2f52c8ca128698035a80627f56d2e0f69a1d0d431ac663d369417828fbbABB Cylon Aspect version 3.08.01 BMS/BAS controller suffers from a remote code execution vulnerability. The vulnerable uploadFile() function in bigUpload.php improperly reads raw POST data using the php://input wrapper without sufficient validation. This data is passed to the fwrite() function, allowing arbitrary file writes. Combined with an improper sanitization of file paths, this leads to directory traversal, allowing an attacker to upload malicious files to arbitrary locations. Once a malicious file is written to an executable directory, an authenticated attacker can trigger the file to execute code and gain unauthorized access to the building controller.
da48953d86e3e633d210a21a755ad55098b6f12fdc0866504b37f9828d654fc5ABB Cylon Aspect version 3.08.01 MS/BAS controller suffers from an arbitrary file deletion vulnerability. Input passed to the file parameter in databasefiledelete.php is not properly sanitized before being used to delete files. This can be exploited by an unauthenticated attacker to delete files with the permissions of the web server using directory traversal sequences passed within the affected POST parameter.
5dbc986f6601c3bda5e54887231d2fa175f92f4f522e9ef2bc6cd9d2c722d9d9PHP ACRSS version 1.0 suffers from a cross site request forgery vulnerability.
eae5bd10e0e3c0cb032d26f40702865ee30f2c293fef75064a152ed20917169ePHP SPM version 1.0 suffers from a cross site request forgery vulnerability.
25519b806495665c5736468ca62dfab30a516399cf5e67d1acce326963a8b403Car Rental Project version 1.0 suffers from a remote PHP code injection vulnerability.
252ce8fbf630a1f590df96748f0444ee463a413c8e8cd823e17052308f1a1597SPIP BigUp version 4.3.1 suffers from a remote PHP code injection vulnerability.
96ef343134222af92ba1ed0f8190e233e165263a1824d6f93b058f803eb81603SPIP BigUp version 4.2.15 suffers from a remote PHP code injection vulnerability.
b87a54430f27e47a10de7366a28ed08bc4395479f68b430b14e8107c3c0bee0bPrison Management System version 1.0 suffers from a PHP code injection vulnerability.
6f0c4d0c2b30b067997ee3da24377eec3ac2089defddc71f84d051b385d7de50SPIP BigUp version 4.1.17 suffers from a remote PHP code injection vulnerability.
3f74e15842234faecbfd3d61add6733355d33551d131bf6b8c351284b2d939f8Debian Linux Security Advisory 5771-1 - Fabien Potencier discovered that under some conditions the sandbox mechanism of Twig, a template engine for PHP, could by bypassed.
1049496f29954214697205ebd4565fdbae36dcd02f1494f9dedfe7f85844e0dcSPIP BigUp version 4.0 suffers from a remote PHP code injection vulnerability.
d265e3f12c70a2ce14755cd47abbb9cb0a47576f4669c7d7fe0c1db3d2cf9b7eOnline Student Grading System version 1.0 suffers from a remote PHP code injection vulnerability.
ee460721bce9e6abdaea812c124c2b59bd8c93354b78393df06b27cb28539092Old Age Home Management System version 1.0 suffers from a remote PHP code injection vulnerability.
2956369607635036343c4a4a8e93211491c1beb8cca01c7a09a83394f97628ddMembership Management System version 1.0 suffers from a remote PHP code injection vulnerability.
6e0de45243e9e524440fd167d97fbd6689974293e7f4773985cd70c38b24fe08Live Membership Management System version 1.0 suffers from a remote PHP code injection vulnerability.
d31e0399ea428f2faae88e7a10f0f7ac944b8c2f78ece809d9c3be28459cf5b0Men Salon Management System version 2.0 suffers from a php code injection vulnerability.
16f109978dab4dd654ee4cf808111eef9a65cfb018b4dd430500f6c941a7322cAuto/Taxi Stand Management System version 1.0 suffers from a php code injection vulnerability.
1e0b4094b37e8533f3a72e374f0e297723b05a67a6a446f3a2c4f4ba0aa4bdb2This Metasploit module exploits a Remote Code Execution vulnerability in the BigUp plugin of SPIP. The vulnerability lies in the lister_fichiers_par_champs function, which is triggered when the bigup_retrouver_fichiers parameter is set to any value. By exploiting the improper handling of multipart form data in file uploads, an attacker can inject and execute arbitrary PHP code on the target server. This critical vulnerability affects all versions of SPIP from 4.0 up to and including 4.3.1, 4.2.15, and 4.1.17. It allows unauthenticated users to execute arbitrary code remotely via the public interface. The vulnerability has been patched in versions 4.3.2, 4.2.16, and 4.1.18.
470929e92864600915a7773675e61c23486f09b86f3d05d72951628b436ed7c0Nipah Virus Testing Management System version 1.0 suffers from a php code injection vulnerability.
1d5d8ecfee17bb9d29a68547de9e3007c6fb30acdff37b24dca3f23a371620ddEmergency Ambulance Hiring Portal version 1.0 suffers from a php code injection vulnerability.
a9602dbf2dcb3e61aff1d2d0fb60dd2cce4318e79d2ebd423c56f43a95c5c275COVID19 Testing Management System version 1.0 suffers from a php code injection vulnerability.
81883da23094b5c57395049ea06aa7068f785e862d3a4b82429dae396025a5e9
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed