CVE-2025-70457
Sourcecodester Modern Image Gallery App v1.0 is affected by an RCE in gallery/upload.php due to improper validation of uploaded files and retention of user-specified extensions, allowing an unauthenticated attacker to upload PHP code by masquerading the MIME type as an image, potentially fully co...
PT-2026-4533
Name of the Vulnerable Software and Affected Versions: Sourcecodester Modern Image Gallery App version 1.0. Description: A Remote Code Execution (RCE) issue exists in the gallery/upload.php component of the application. The application does not properly validate uploaded file contents and preserves...
Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: CVE-2023-6601: Fixed HLS Unsafe File Extension Bypass bsc1220545. CVE-2025-63757: Fixed integer overflow in yuv2ya16Xctemplate bsc1255392. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST...
Horilla code issue vulnerabilities
Horilla is a free open-source human resources software developed by Horilla Company. Versions of Horilla prior to 1.5.0 contained code vulnerabilities. These vulnerabilities stemmed from the lack of checks for file extensions and content types when updating profile photos, which could lead to...
SUSE-SU-2026:0198-1 Security update for ffmpeg-4
This update for ffmpeg-4 fixes the following issues: - CVE-2023-6601: Fixed HLS Unsafe File Extension Bypass bsc1220545. - CVE-2025-63757: Fixed integer overflow in yuv2ya16Xctemplate bsc1255392...
CVE-2026-21625
User provided uploads to the Easy Discuss component for Joomla aren't properly validated. Uploads are purely checked by file extensions, no mime type checks are happening...
CVE-2026-23768
lucy-xss-filter before commit 7c1de6d allows an attacker to induce server-side HEAD requests to arbitrary URLs when the ObjectSecurityListener or EmbedSecurityListener option is enabled and embed or object tags are used with a src attribute missing a file extension...
Lucy-XSS security vulnerability
Lucy-XSS is an open-source cross-site scripting protection library developed by NAVER. Lucy-XSS has a security vulnerability that occurs when the ObjectSecurityListener or EmbedSecurityListener option is enabled, and the src attribute lacks a file extension. This vulnerability may lead to a HEAD...
CVE-2026-22864 Deno has an incomplete fix for command-injection prevention on Windows — case-insensitive extension bypass
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Before 2.5.6, a prior patch aimed to block spawning Windows batch/shell files by returning an error when a spawned path’s extension matched .bat or .cmd. That check performs a case-sensitive comparison against lowercase literals and...
CVE-2005-1576
The file download dialog in Mozilla Firefox 0.10.1 and 1.0 for Windows uses the Content-Type HTTP header to determine the file type, but saves the original file extension when "Save to Disk" is selected, which allows remote attackers to hide the real file types of downloaded files...
CVE-2009-4444
Microsoft Internet Information Services (IIS) 5.x and 6.x uses only the portion of a filename before a ';' (semicolon) character to determine the file extension, which allows remote attackers to bypass intended extension restrictions of third-party upload applications via a filename with a (1) .asp, (2)...
CVE-2022-0687
The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be exploited by logged-in users with the custom "Amelia Manager" role...
CVE-2019-11401
An issue was discovered in SiteServer CMS 6.9.0. It allows remote attackers to execute arbitrary code because an administrator can add the permitted file extension .aassp, which is converted to .asp because the "as" substring is deleted...
CVE-2020-10212
upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the...
CVE-2019-7838
ColdFusion versions Update 3 and earlier, Update 10 and earlier, and Update 18 and earlier have a file extension blacklist bypass vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2024-2565
A vulnerability was found in PandaXGO PandaX up to 20240310. It has been classified as critical. Affected is an unknown function of the file /apps/system/router/upload.go of the component File Extension Handler. The manipulation of the argument file leads to unrestricted upload. It is possible to...
CVE-2023-53980 ProjectSend r1605 Remote Code Execution via File Extension Manipulation
ProjectSend r1605 contains a remote code execution vulnerability that allows attackers to upload malicious files by manipulating file extensions. Attackers can upload shell scripts with disguised extensions through the upload.process.php endpoint to execute arbitrary commands on the server...
CVE-2023-53980
ProjectSend r1605 is affected by a remote code execution vulnerability that allows attackers to upload malicious files by manipulating file extensions via the upload.process.php endpoint, enabling execution of arbitrary commands on the server. The issue, described across multiple sources, stems f...
CVE-2023-53924
UliCMS 2023.1-sniffing-vicuna contains a remote code execution vulnerability that allows authenticated attackers to upload PHP files with .phar extension during profile avatar upload. Attackers can trigger code execution by visiting the uploaded file's location, enabling system command execution...