• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-434

CVE-2020-22249

February 26, 2023 by

Remote Code Execution vulnerability in phplist 3.5.1. The application does not check any file extensions stored in the plugin zip file, Uploading a malicious plugin which contains the php files with extensions like PHP,phtml,php7 will be copied to the plugins directory which would lead to the remote code execution

CVE-2020-21976

February 26, 2023 by

An arbitrary file upload in the component of NewsOne CMS v1.1.0 allows attackers to webshell and execute arbitrary commands.

CVE-2020-21786

February 26, 2023 by

In IBOS 4.5.4 Open, Arbitrary File Inclusion causes getshell via /system/modules/dashboard/controllers/CronController.php.

CVE-2020-21787

February 26, 2023 by

CRMEB 3.1.0+ is vulnerable to File Upload Getshell via /crmeb/crmeb/services/UploadService.php.

CVE-2020-21564

February 26, 2023 by

An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. There is a file upload vulnerability that can cause a remote command execution via admin.php?action=files.

CVE-2020-21585

February 26, 2023 by

Vulnerability in emlog v6.0.0 allows user to upload webshells via zip plugin module.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 52
  • Go to page 53
  • Go to page 54
  • Go to page 55
  • Go to page 56
  • Interim pages omitted …
  • Go to page 224
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE