4 matches found
EUVD-2025-21028
Malicious code in bioql PyPI...
CVE-2025-34100
An unrestricted file upload vulnerability exists in BuilderEngine 3.5.0 via the integration of the elFinder 2.0 file manager and its use of the jQuery File Upload plugin. The plugin fails to properly validate or restrict file types or locations during upload operations, allowing an attacker to...
CVE-2025-34100
BuilderEngine 3.5.0 is vulnerable due to the integration of elFinder 2.0 and the jQuery File Upload plugin, which fails to validate file types/locations during uploads. This unauthenticated flow allows uploading a malicious PHP file and executing code on the server, producing full remote code exe...
BuilderEngine 安全漏洞
BuilderEngine is a web building tool from BuilderEngine, Inc. A security vulnerability exists in BuilderEngine version 3.5.0, which stems from a file upload issue in the elFinder 2.0 file manager and could lead to remote code execution...