Concrete5 versions 8.5.5 suffer from a logging settings phar deserialization vulnerability. User input passed through the logFile request parameter is not properly sanitized before being used in a call to the file_exists() function at line 91. This can be exploited by malicious users to inject arbitrary PHP objects into the application scope (PHP Object Injection via phar:// stream wrapper), allowing them to carry out a variety of attacks, such as executing arbitrary PHP code. Successful exploitation of this vulnerability requires an administrator account.
a1fb25a9ba4326669a0ede911fe27d02IPS Community Suite versions 4.5.4.2 and below suffer from a PHP code injection vulnerability. The vulnerability exists because the IPS\cms\modules\front\pages\_builder::previewBlock() method allows to pass arbitrary content to the IPS\_Theme::runProcessFunction() method, which will be used in a call to the eval() PHP function. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires an account with permission to manage the sidebar (such as a Moderator or Administrator) and the "cms" application to be enabled.
1b4fb4e5987be3d21bd6ca2f13378d32ExpressionEngine versions 6.0.2 and below suffer from a Translate::save PHP code injection vulnerability.
ef038368400297010e360e1916e2d2fedocsify versions 4.11.6 and below suffer from a cross site scripting vulnerability. This vulnerability exists due to an incomplete fix for CVE-2020-7680.
4f1f48238c4e1aa6fdf3106d9952a98fIPS Community Suite versions 4.5.4 and below suffer from a remote SQL injection vulnerability in the Downloads REST API.
dbfe43c17c45eb62df239a2a07b7e8dbqdPM versions 9.1 and below suffer from an executeExport PHP object injection vulnerability.
59a37dff15f2cdae915eeb5509b2b6a3SugarCRM versions prior to 10.1.10 suffer from a remote SQL injection vulnerability.
1e905e5f22cd6342f9072a100d0f76d0SugarCRM versions prior to 10.1.10 suffer from multiple cross site scripting vulnerabilities.
183b85c8b4288860f9bd1feb70ed8796This Metasploit module exploits multiple vulnerabilities in openSIS 7.4 and prior versions which could be abused by unauthenticated attackers to execute arbitrary PHP code with the permissions of the webserver. The exploit chain abuses an incorrect access control issue which allows access to scripts which should require the user to be authenticated, and a local file inclusion to reach a SQL injection vulnerability which results in execution of arbitrary PHP code due to an unsafe use of the eval() function.
07a638401a07dae3fe0cc15b5a196965openSIS versions 7.4 and below suffer from multiple remote SQL injection vulnerabilities.
a2debfb35200111f560b317b09d7483aopenSIS versions 7.4 and below suffer from a local file inclusion vulnerability.
34773fe08298e4f70971b2ca475bfba4openSIS versions 7.4 and below suffer from an access bypass vulnerability.
4cebf3ba915295798f97385106aeba1bSuiteCRM versions 7.11.10 and below suffer from multiple remote SQL injection vulnerabilities.
e563a245d3450a08dc89409be7d351e6SuiteCRM versions 7.11.11 and below suffer from an add_to_prospect_list broken access control that allows for local file inclusion attacks.
30243acc735a0a74cd60961a8b809988SuiteCRM versions 7.11.11 and below suffer from an action_saveHTMLField bean manipulation vulnerability.
5b37a8d65609f140a2d503b2ba0f5aeaSuiteCRM versions 7.11.11 and below suffer from multiple phar deserialization vulnerabilities.
40555272df9e2fe2b9399bbc7bb54c0aSuiteCRM versions 7.11.11 and below suffer from a second-order php object injection vulnerability.
ea4d3494a5be75e5e45932ce2189d4c2YouPHPTube versions 7.7 and below suffer from a remote SQL injection vulnerability in getChat.json.php.
bda45fa0236ae4d5e784d5a3ac75112aSugarCRM versions 9.0.1 and below suffer from multiple phar deserialization vulnerabilities.
9b8f9b6b6a519339498cc83d2af280ceSugarCRM versions 9.0.1 and below suffer from multiple php object injection vulnerabilities.
7b2fd6425395925d0bd77736e7cd43ccSugarCRM versions 9.0.1 and below suffer from multiple PHP code injection vulnerabilities.
1138730283969f03621d804b3942381fSugarCRM versions 9.0.1 and below suffer from multiple path traversal vulnerabilities.
07e61544723cdaf57099f0133cbf81e8SugarCRM versions 9.0.1 and below suffer from multiple broken access control vulnerabilities.
1168050e8aead52cc4050329687aece7SugarCRM versions 9.0.1 and below suffer from multiple remote SQL injection vulnerabilities.
d7d53f88e5bd5cf9486ffe6a36ff47b3SugarCRM versions 9.0.1 and below suffer from multiple reflective cross site scripting vulnerabilities.
a36ef60c0e8d40f91c64cce4c99d669a
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed