11 matches found
CVE-2025-14209
A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes SQL injection. The attack can be initiated remotely. The exploit has been made available to the public and...
CVE-2025-14209

creationtimestamp | type | source
---|---|---
2025-12-08 04:09:38+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3m7h5vem23z2n...

CVE-2025-14209
A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes SQL injection. The attack can be initiated remotely. The exploit has been made available to the public and...
CVE-2025-14209 Campcodes School File Management System update_query.php SQL injection
A weakness has been identified in Campcodes School File Management System 1.0. This impacts an unknown function of the file /updatequery.php. This manipulation of the argument studid causes SQL injection. The attack can be initiated remotely. The exploit has been made available to the public and...
CVE-2020-14209
Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution. This occurs because .pht and .phar files can be uploaded. Also, a .htaccess file can be uploaded to reconfigure access control e.g., to let .noexe files be executed as PHP co...
CVE-2020-14209

creationtimestamp | type | source
---|---|---
2024-04-25 19:31:11+00:00 | seen | https://t.me/arpsyndicate/4847
2024-11-14 06:08:49+00:00 | seen | MISP/f1c584cb-ef68-4a56-bffc-6460023b6d45...

Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Exploit
Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Authenticated RCE Exploit Author: Andrea Gonzalez Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr/dolibarr Version: Prior to 11.0.5 Tested on: Debian 9.12 CVE : CVE-2020-14209...
Dolibarr ERP/CRM 11.0.4 Bypass / Code Execution
Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Authenticated RCE Date: 16/06/2020 Exploit Author: Andrea Gonzalez Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr/dolibarr Version: Prior to 11.0.5 Tested on: Debian 9.12 CVE :...
Dolibarr ERP 11.0.4 - File Upload Restrictions Bypass (Authenticated RCE)
Exploit Title: Dolibarr ERP/CRM 11.0.4 - File Upload Restrictions Bypass Authenticated RCE Date: 16/06/2020 Exploit Author: Andrea Gonzalez Vendor Homepage: https://www.dolibarr.org/ Software Link: https://github.com/Dolibarr/dolibarr Version: Prior to 11.0.5 Tested on: Debian 9.12 CVE :...
CVE-2020-14209
Dolibarr prior to 11.0.5 is vulnerable to unrestricted file uploads that can trigger arbitrary code execution. The weakness arises because attackers can upload dangerous file types such as .pht/.phar and even .htaccess to alter access control and execute PHP code (e.g., defeating noexe protection...
CVE-2019-14209
Foxit PhantomPDF before 8.3.10 is affected by CVE-2019-14209, which causes a Heap Corruption due to data desynchrony when adding AcroForm. The issue is described as a heap corruption vulnerability impacting the product, with CVSS v3.0 vector indicating network access, no user interaction, and hig...