Threat Post

PHP File Manager Riddled With Vulnerabilities, Including Backdoor

Multiple critical vulnerabilities have existed, some for nearly five years, in PHP File Manager, a web-based file manager used by several high profile corporations. Multiple critical vulnerabilities ...
ZDNet

WordPress File Manager plugin flaw causing website hijack exploited in the wild

The file in question was pulled by third-party dependency elFinder and used as a code reference. An extension added to the file, the rename of connector-minimal.php-dist to connector-minimal.php, was ...
Bleeping Computer

Craft CMS RCE exploit chain used in zero-day attacks to steal data

Two vulnerabilities impacting Craft CMS were chained together in zero-day attacks to breach servers and steal data, with exploitation ongoing, according to CERT Orange Cyberdefense. The ...