SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_ip.php.
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_weixin.php.
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_smtp.php.
SeaCMS V12.9 was discovered to contain an arbitrary file write vulnerability via the component admin_notify.php.
SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function Ebak_RepPathFiletext().
SeaCMS 13.2 has a remote code execution vulnerability located in the file sql.class.chp. Although the system has a check function, the check function is not executed during execution, allowing remote code execution by writing to the file through the MySQL slow query method.
SeaCMS v13.1 was discovered to a Server-Side Request Forgery (SSRF) via the url parameter at /admin_reslib.php.
An issue was discovered in /Upload/admin/admin_notify.php in Seacms 11.4 allows attackers to execute arbitrary php code via the notify1 parameter when the action parameter equals set.
SQL Injection in SEACMS v210530 (2021-05-30) allows remote attackers to execute arbitrary code via the component "admin_ajax.php?action=checkrepeat&v_name=".
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so.
An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code via admin_ping.php.
SQL injection vulnerability in SeaCMS version 12.9, allows remote unauthenticated attackers to execute arbitrary code and obtain sensitive information via the id parameter in class.php.
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_comment_news.php.
SeaCMS v12.8 has an arbitrary code writing vulnerability in the /jxz7g2/admin_ping.php file.
SeaCMS v12.9 was discovered to contain a SQL injection vulnerability via the id parameter at /dmplayer/dmku/index.php?ac=del.
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_manager.php.
SeaCMS v13.3 was discovered to contain a SQL injection vulnerability via the component admin_topic.php.
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the component phomebak.php. This vulnerability allows attackers to execute arbitrary code via a crafted request.
SeaCms before v12.6 was discovered to contain a SQL injection vulnerability via the component /js/player/dmplayer/dmku/index.php.
Seacms v11.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/weixin.php.
Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php.
Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php.
Seacms <=13.3 is vulnerable to SQL Injection in admin_members.php.
Seacms <=13.3 is vulnerable to SQL Injection in admin_paylog.php.
Seacms <=13.3 is vulnerable to SQL Injection in admin_reslib.php.
Seacms <=13.3 is vulnerable to SQL Injection in admin_type_news.php.
SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.
SQL Injection vulnerability in SeaCMS v.13.2 and before allows a remote attacker to execute arbitrary code via the DoTranExecSql parameter in the phome.php component.
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the admin_safe.php component.
A vulnerability was found in SeaCMS 12.9. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /js/player/dmplayer/dmku/?ac=edit. The manipulation of the argument cid with the input (select(0)from(select(sleep(10)))v) leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-270007.
A vulnerability was found in SeaCMS 11.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/config.ftp.php of the component Picture Management. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-221630 is the identifier assigned to this vulnerability.
seacms V11.5 is affected by an arbitrary code execution vulnerability in admin_config.php.
SeaCMS v13.1 was discovered to an arbitrary file read vulnerability via the component admin_safe.php.
SeaCMS v12.9 is vulnerable to Arbitrary File Read via admin_safe.php.
SeaCMS 6.64 and 7.2 allows remote attackers to delete arbitrary files via the filedir parameter.
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the file_get_contents function at admin_safe_file.php.
An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints.
An issue was discovered in PONTON X/P Messenger before 3.11.2. Due to path traversal in private/SchemaSetUpload.do for uploaded ZIP files, an executable script can be uploaded by web application administrators, giving the attacker remote code execution on the underlying server via an imgs/*.jsp URI.
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may allow remote code execution.
The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability.
Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated arbitrary file deletion due to path traversal. An attacker can browse and delete files without any authentication due to incorrect access control and directory traversal.
The Zip::File component in the rubyzip gem before 1.2.1 for Ruby has a directory traversal vulnerability. If a site allows uploading of .zip files, an attacker can upload a malicious file that uses "../" pathname substrings to write arbitrary files to the filesystem.
matyhtf framework v3.0.5 is affected by a path manipulation vulnerability in Smarty.class.php.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Moridrin SSV Events allows PHP Local File Inclusion.This issue affects SSV Events: from n/a through 3.2.7.
Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote attackers to overwrite arbitrary program variables and conduct directory traversal attacks to execute arbitrary code by modifying the $xoopsOption['pagetype'] variable.
In Stellarium through 1.2, attackers can write to files that are typically unintended, such as ones with absolute pathnames or .. directory traversal.
CMSimple 5.4 is vulnerable to Directory Traversal. The vulnerability exists when a user changes the file name to malicious file on config.php leading to remote code execution.
Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication.
ThinkUp 2.0-beta.10 is affected by a path manipulation vulnerability in Smarty.class.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
Pre-Auth RCE via Path Traversal