|
213411
|
6.5 |
MEDIUM
Network
|
pluck-cms
|
pluck
|
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete modules via a /admin.php?action=module_delete&var1= URI.
|
CWE-352
Origin Validation Error
|
CVE-2019-9049
|
2024-11-21 13:50 |
2019-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213412
|
6.5 |
MEDIUM
Network
|
pluck-cms
|
pluck
|
An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerability that can delete a theme (aka topic) via a /admin.php?action=theme_delete&var1= URI.
|
CWE-352
Origin Validation Error
|
CVE-2019-9048
|
2024-11-21 13:50 |
2019-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213413
|
7.2 |
HIGH
Network
|
sitemagic
|
sitemagic_cms
|
An issue was discovered in Sitemagic CMS v4.4. In the index.php?SMExt=SMFiles URI, the user can upload a .php file to execute arbitrary code, as demonstrated by 404.php. This can only occur if the ad…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2019-9042
|
2024-11-21 13:50 |
2019-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213414
|
7.2 |
HIGH
Network
|
zzzcms
|
zzzphp
|
An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the parserIfLabel() function's filtering is not strict, resulting in PHP code execution, as demonstrated by the if:a…
|
CWE-917
Improper Neutralization of Special Elements used in an Expression Language Statement ('Expression Language Injection')
|
CVE-2019-9041
|
2024-11-21 13:50 |
2019-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213415
|
8.8 |
HIGH
Network
|
s-cms
|
s-cms
|
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332.
|
CWE-352
Origin Validation Error
|
CVE-2019-9040
|
2024-11-21 13:50 |
2019-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213416
|
7.5 |
HIGH
Network
|
matio_project
|
matio
|
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is an out-of-bounds read problem with a SEGV in the function ReadNextCell() in mat5.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9038
|
2024-11-21 13:50 |
2019-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213417
|
9.1 |
CRITICAL
Network
|
matio_project
|
matio
|
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a buffer over-read in the function Mat_VarPrint() in mat.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9037
|
2024-11-21 13:50 |
2019-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213418
|
7.5 |
HIGH
Network
|
matio_project
|
matio
|
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a heap-based buffer overflow in the function ReadNextFunctionHandle() in mat5.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2019-9036
|
2024-11-21 13:50 |
2019-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213419
|
9.1 |
CRITICAL
Network
|
matio_project
|
matio
|
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function ReadNextStructField() in mat5.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9035
|
2024-11-21 13:50 |
2019-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213420
|
9.1 |
CRITICAL
Network
|
matio_project
|
matio
|
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read for a memcpy in the function ReadNextCell() in mat5.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2019-9034
|
2024-11-21 13:50 |
2019-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
