
#php

CVE-2020-35135: Changeset 2434070 – WordPress Plugin Repository

The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF.

CVE | Tags: #csrf #vulnerability #ios #wordpress #php
CVE-2020-25955: Request for full disclosure of CVE-2020-25889 & CVE-2020-25955

SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored cross-site scripting (XSS) via the 'add subject' tab.

CVE-2020-28940: WDC-20009 OS 5 Firmware 5.06.115 | Western Digital

On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.

CVE-2020-29136: 90 Change Log

In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575).

CVE-2020-28136: OffSec’s Exploit Database Archive

An arbitrary file upload vulnerability in SourceCodester Tourism Management System 1.0 allows a user to achieve remote code execution via the vulnerable admin/create-package.php page.

CVE-2020-25706: Invalid Bug ID

A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to improper escaping of the error message during template import preview in the xml_path field.

CVE-2020-27617: security - CVE-2020-27617 QEMU: net: an assert failure via eth_get_gso_type

eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol.

CVE-2020-27387: Add HorizontCMS 1.0.0-beta exploit module and documentation by ErikWynter · Pull Request #14340 · rapid7/metasploit-framework

An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload (which will receive a random name on the server) with the PHP extension, and finally executing the PHP file via an HTTP GET request to /storage/<php_file_name>. NOTE: the vendor has patched this while leaving the version number at 1.0.0-beta.