52 matches found
PT-2023-32924 · Unknown · Campcodes Online College Library System
Name of the Vulnerable Software and Affected Versions: Campcodes Online College Library System version 1.0 Description: A critical issue affects the processing of the file /admin/book row.php of the component HTTP POST Request Handler. The manipulation of the argument id leads to SQL injection. T...
PT-2023-31576 · Unknown · Nos Client
Name of the Vulnerable Software and Affected Versions: nos client version 0.6.6 Description: An issue was discovered in the nos client, allowing remote attackers to escalate privileges via the getRPCEndpoint.js file. Recommendations: For nos client version 0.6.6, consider disabling the...
PT-2023-19325 · Woorockets · Woorockets Corsa
Name of the Vulnerable Software and Affected Versions: WooRockets Corsa versions 1.5 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability. This allows for the upload of files with potentially dangerous types, which could lead to securit...
PT-2023-32721 · Sourcecodester · Sourcecodester Simple Student Attendance System
Name of the Vulnerable Software and Affected Versions: SourceCodester Simple Student Attendance System version 1.0 Description: A critical issue affects some unknown functionality of the file /modals/class form.php. The manipulation of the id argument leads to SQL injection. The issue has been...
PT-2023-29063 · Unknown · Mojoportal
Name of the Vulnerable Software and Affected Versions: mojoPortal version 2.7.0.0 Description: The issue allows a remote attacker to execute arbitrary code via the File Manager function. This is a result of a File Upload vulnerability. Recommendations: For mojoPortal version 2.7.0.0, consider...
PT-2023-28323 · Unknown · Teller Web App
Name of the Vulnerable Software and Affected Versions: Teller Web App version 4.4.0 Description: An arbitrary file upload vulnerability allows a remote attacker to execute arbitrary commands and obtain sensitive information via uploading a crafted file. Recommendations: For Teller Web App version...
PT-2023-27740 · Unknown · Adlered Bolo-Solo
Name of the Vulnerable Software and Affected Versions: adlered bolo-solo version 2.6 Description: The issue allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header. This can be done by uploading a file with malicious content, potentially...
PT-2023-27606 · Opto 22 · Snap Pac S1 Firmware
Name of the Vulnerable Software and Affected Versions: SNAP PAC S1 Firmware version R10.3b Description: The File Transfer Protocol (FTP) port is open by default, which could allow an adversary to access some device files. Recommendations: For SNAP PAC S1 Firmware version R10.3b, consider disabling...
PT-2023-4393 · Onlyoffice · Onlyoffice Document Server
Name of the Vulnerable Software and Affected Versions: ONLYOFFICE DocumentServer versions 4.0.3 through 7.3.2 Description: An out-of-bounds memory access issue in the JavaScript File Handler component allows remote attackers to execute arbitrary code via a crafted JavaScript file. This can be...
PT-2023-25205 · Unknown · Sourcecodester Shopping Website
Name of the Vulnerable Software and Affected Versions: SourceCodester Shopping Website version 1.0 Description: A critical issue has been found, affecting an unknown function of the file check availability.php. The manipulation of the email argument leads to SQL injection, allowing for remote...
PT-2023-24991 · Unknown · Guantang Equipment Management System
Name of the Vulnerable Software and Affected Versions: Guantang Equipment Management System version 4.12 Description: The Guantang Equipment Management System is affected by an issue that allows Arbitrary File Upload. This could potentially lead to unauthorized access or malicious activities...
PT-2023-11511 · Unknown · Emlog Emlogcms
Name of the Vulnerable Software and Affected Versions: Emlog EmlogCMS version 6.0.0 Description: A remote attacker can gain access to sensitive information via the "/admin/plugin.php" function. This issue allows unauthorized access, potentially leading to data breaches. Recommendations: For Emlog...
PT-2023-3766 · Mitsubishi · Melsec Iq-F Series Ethernet/Ip Module Fx5-Enet/Ip +1
Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 (affected versions not specified); MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP (affected versions not specified) Description: The issue is related to an unrestricted upload of files with...
PT-2023-22353 · Extplorer · Extplorer
Name of the Vulnerable Software and Affected Versions: eXtplorer version 2.1.15 Description: The issue allows for insecure permissions, specifically through the file upload feature in the file manager. This vulnerability enables the upload of zip files that contain PHP pages, which can lead to...
PT-2023-17200 · Sourcecodester · Sourcecodester Young Entrepreneur E-Negosyo System
Name of the Vulnerable Software and Affected Versions: SourceCodester Young Entrepreneur E-Negosyo System version 1.0 Description: A critical vulnerability was found in the SourceCodester Young Entrepreneur E-Negosyo System. The issue affects an unknown functionality of the file...
PT-2023-16632 · Sourcecodester · Sourcecodester Best Pos Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best POS Management System version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file billing/index.php?id=9. The manipulation of the id argument leads to SQL...
PT-2022-26823 · Unknown · Canteen Management System
Name of the Vulnerable Software and Affected Versions: Canteen Management System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability. This is achievable through the "ip/youthappam/php...
PT-2022-26806 · Unknown · Canteen Management System
Name of the Vulnerable Software and Affected Versions: Canteen Management System version 1.0 Description: The issue allows attackers to execute arbitrary code via a crafted PHP file, exploiting an arbitrary file upload vulnerability. This is achieved through the API endpoint "/youthappam/manage...
PT-2022-25924 · Unknown · Wedding Planner
Name of the Vulnerable Software and Affected Versions: Wedding Planner version 1.0 Description: The issue is related to an arbitrary file upload vulnerability in the /Wedding-Management-PHP/admin/photos add.php component. This allows attackers to execute arbitrary code via a crafted PHP file...
PT-2022-25438 · Ansys · Ansys Spaceclaim
Name of the Vulnerable Software and Affected Versions: Ansys SpaceClaim version 2022 R1 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The fla...