CVE-2024-52600 – Statamic CMS has Path Traversal in Asset Upload
https://notcve.org/view.php?id=CVE-2024-52600
Statmatic is a Laravel and Git powered content management system (CMS). Prior to version 5.17.0, assets uploaded with appropriately crafted filenames may result in them being placed in a location different than what was configured. The issue affects front-end forms with `assets` fields and other places where assets can be uploaded, although users would need upload permissions anyway. Files can be uploaded so they would be located on the server in a different location, and potentially override existing files. Traversal outside an asset container is not possible. • https://github.com/statamic/cms/commit/0c07c10009a2439c8ee56c8faefd1319dc6e388d https://github.com/statamic/cms/commit/400875b20f40e1343699d536a432a6fc284346da https://github.com/statamic/cms/commit/4cc2c9bd0f39a93b3fc7e9ef0f12792576fd380d https://github.com/statamic/cms/security/advisories/GHSA-p7f6-8mcm-fwv3 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-7065 – Spina CMS cross-site request forgery
https://notcve.org/view.php?id=CVE-2024-7065
A vulnerability was found in Spina CMS up to 2.18.0. It has been classified as problematic. Affected is an unknown function of the file /admin/pages/. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. • https://github.com/topsky979/Security-Collections/blob/main/1700810/README.md https://vuldb.com/?ctiid.272346 https://vuldb.com/?id.272346 https://vuldb.com/?submit.375236 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2023-46906
https://notcve.org/view.php?id=CVE-2023-46906
juzaweb <= 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated. juzaweb <= 3.4 es vulnerable a un control de acceso incorrecto, lo que provoca una interrupción de la aplicación después de un código de estado HTTP 500. El payload en el campo de timezone no se validó correctamente. • https://github.com/juzaweb/cms https://www.sumor.top/index.php/archives/880 •
CVE-2023-46467
https://notcve.org/view.php?id=CVE-2023-46467
Cross Site Scripting vulnerability in juzawebCMS v.3.4 and before allows a remote attacker to execute arbitrary code via a crafted payload to the username parameter of the registration page. Vulnerabilidad de Cross-Site Scripting (XSS) en juzawebCMS v.3.4 y anteriores permite a un atacante remoto ejecutar código arbitrario a través de un payload manipulado en el parámetro de nombre de usuario de la página de registro. • https://www.sumor.top/index.php/archives/872 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-11021
https://notcve.org/view.php?id=CVE-2019-11021
admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unrestricted File Upload, leading to remote code execution. NOTE: "While inadvertently allowing a PHP file to be uploaded via Media Manager was an oversight, it still requires an admin permission. We think it's pretty rare for an administrator to exploit a bug on his/her own site to own his/her own site. ** EN DISPUTA ** El archivo admin/app/mediamanager en Schlix CMS versión 2.1.8-7, permite una carga de archivos sin restricciones autenticada, lo que conlleva a la ejecución de código remota. NOTA: "Si bien, sin darse cuenta, permite que un archivo PHP se cargue a través de Media Manager fue un descuido,aunque se requiere un permiso de administrador. Creemos que es bastante raro que un administrador explote un error en su propio sitio para tener su propio sitio ". • https://gurelahmet.com/schlix-cms-v2-1-8-7-authenticated-unrestricted-file-upload-to-rce https://vuldb.com/?id.144129 https://www.incibe-cert.es/en/early-warning/vulnerabilities/cve-2019-11021 https://www.schlix.com/html/schlix-cms-downloads.html https://www.schlix.com/news/security/cve-2019-11021-for-older-schlix-cms-v2-1-8-7-november-2018.html • CWE-434: Unrestricted Upload of File with Dangerous Type •