
1026 matches found

CVE
added 2025/07/07 12:32 a.m. · 18 views

CVE-2025-7101

Summary of CVE-2025-7101 (Mode C): A vulnerability in BoyunCMS up to version 1.4.20 affects the Configuration File Handler, specifically an unknown part of the file /install/install_ok.php. Manipulation of the argument db_pass leads to code injection. The vulnerability is remotely exploitable, an...

CVSS 9.8 · AI score 6.8 · EPSS 0.00327
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2025/07/07 12:0 a.m. · 3 views

PT-2025-28096 · Boyuncms · Boyuncms

Name of the Vulnerable Software and Affected Versions: BoyunCMS versions up to 1.4.20 Description: A critical issue affects the Configuration File Handler component, specifically an unknown part of the /install/install_ok.php file. The manipulation of the db_pass argument leads to code injection...

CVSS 6.5 · AI score 6.6 · EPSS 0.00327
Exploits 0 · References 7
OSV
added 2025/07/06 11:15 p.m. · 2 views

CVE-2025-7097

A vulnerability, which was classified as critical, has been found in Comodo Internet Security Premium 12.3.4.8162. This issue affects some unknown processing of the file cisupdatex64.xml of the component Manifest File Handler. The manipulation of the argument binary/params leads to os command...

CVSS 8.8 · AI score 5
Exploits 0 · References 5
Positive Technologies
added 2025/07/06 12:0 a.m. · 3 views

PT-2025-28090 · Comodo · Comodo Internet Security Premium

Name of the Vulnerable Software and Affected Versions: Comodo Internet Security Premium version 12.3.4.8162 Description: A critical vulnerability was found in the Manifest File Handler component of Comodo Internet Security Premium, affecting the file cis update x64.xml. This issue leads to improp...

CVSS 9.2 · AI score 7.9 · EPSS 0.00369
Exploits 1 · References 10
Positive Technologies
added 2025/06/30 12:0 a.m. · 2 views

PT-2025-31397 · Undefined · Undefined

A vulnerability in the CSV file handler of the Django web application development framework is related to improper limitation of a pathname to a restricted directory. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code by injecting it into...

CVSS 9 · AI score 7.3
Exploits 0 · References 3
RedhatCVE
added 2025/06/28 10:22 p.m. · 4 views

CVE-2025-6731

A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...

CVSS 6.5 · AI score 6.3 · EPSS 0.00324
Exploits 0 · References 1
NVD
added 2025/06/26 10:15 p.m. · 4 views

CVE-2025-6731

A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...

CVSS 6.5 · EPSS 0.00324
Exploits 0 · References 5
Cvelist
added 2025/06/26 9:31 p.m. · 15 views

CVE-2025-6731 yzcheng90 X-SpringBoot APK File apk uploadApk path traversal

A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...

CVSS 6.5 · EPSS 0.00324
Exploits 0 · References 5
Vulnrichment
added 2025/06/26 9:31 p.m. · 3 views

CVE-2025-6731 yzcheng90 X-SpringBoot APK File apk uploadApk path traversal

A vulnerability was found in yzcheng90 X-SpringBoot up to 5.0 and classified as critical. Affected by this issue is the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The attack may be launched...

CVSS 6.5 · AI score 6.9 · EPSS 0.00324
Exploits 0 · References 5
CVE
added 2025/06/26 9:31 p.m. · 16 views

CVE-2025-6731

CVE-2025-6731 affects yzcheng90 X-SpringBoot up to version 5.0. The vulnerability resides in the function uploadApk within /sys/oss/upload/apk of the APK File Handler, where manipulation of the File argument enables path traversal. It can be exploited remotely, and the proof-of-concept/public exp...

CVSS 6.5 · AI score 6.9 · EPSS 0.00324
Exploits 0 · References 5
RedhatCVE
added 2025/06/26 12:37 a.m. · 3 views

CVE-2025-6534

A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/controller/FileController.java of the component File Handler. The manipulation leads to improper...

CVSS 6.8 · AI score 7.1 · EPSS 0.00465
Exploits 1 · References 1
Positive Technologies
added 2025/06/26 12:0 a.m. · 3 views

PT-2025-27014 · Yzcheng90 · X-Springboot

Name of the Vulnerable Software and Affected Versions: yzcheng90 X-SpringBoot versions up to 5.0 Description: A critical issue was found in the function uploadApk of the file /sys/oss/upload/apk of the component APK File Handler. The manipulation of the argument File leads to path traversal. The...

CVSS 6.5 · AI score 6.9 · EPSS 0.00324
Exploits 0 · References 10
Tenable Nessus
added 2025/06/25 12:0 a.m. · 2 views

Amazon Linux 2 : qt5-qt3d (ALAS-2025-2903)

The version of qt5-qt3d installed on the remote host is prior to 5.15.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2903 advisory. A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. This affects the...

CVSS 8.8 · AI score 5.9 · EPSS 0.00108
Exploits 4 · References 10
OSV
added 2025/06/24 1:15 a.m. · 3 views

CVE-2025-6534

A vulnerability, which was classified as problematic, was found in xxyopen/201206030 novel-plus up to 5.1.3. This affects the function remove of the file novel-admin/src/main/java/com/java2nb/common/controller/FileController.java of the component File Handler. The manipulation leads to improper...

CVSS 6.8 · AI score 4.3
Exploits 0 · References 5
CVE
added 2025/06/24 12:31 a.m. · 17 views

CVE-2025-6534

Summary: CVE-2025-6534 affects xxyopen/201206030 novel-plus up to version 5.1.3. The vulnerability resides in the File Handler’s remove function (novel-admin/src/main/java/com/java2nb/common/controller/FileController.java) and stems from improper control of resource identifiers. The issue can be ...

CVSS 6.8 · AI score 7 · EPSS 0.00465
Exploits 1 · References 5 · Affected Software 1
Redos
added 2025/06/16 12:0 a.m. · 3 views

ROS-20250616-05

A vulnerability in the File Handler component of the cross-platform 3D model import library Assimp Open Asset Import Library is related to a buffer overflow in aiString::Set in include/assimp/types.h library. Exploiting the vulnerability could allow an attacker to execute arbitrary code...

CVSS 9.8 · AI score 6.9 · EPSS 0.00206
Exploits 7
RedhatCVE
added 2025/06/02 7:52 p.m. · 13 views

CVE-2025-5390

A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedeal.do of the component File Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. Th...

CVSS 6.5 · AI score 6.2 · EPSS 0.00173
Exploits 0 · References 1
RedhatCVE
added 2025/06/02 6:49 p.m. · 10 views

CVE-2025-5389

A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler. The manipulation leads to improper access controls. The attack...

CVSS 6.5 · AI score 6.3 · EPSS 0.00173
Exploits 0 · References 1
OSV
added 2025/05/31 7:15 p.m. · 2 views

CVE-2025-5389

A vulnerability, which was classified as critical, has been found in JeeWMS up to 20250504. Affected by this issue is the function dogenerateOne2Many of the file /generateController.do?dogenerateOne2Many of the component File Handler. The manipulation leads to improper access controls. The attack...

CVSS 9.8 · AI score 5.3
Exploits 0 · References 3
OSV
added 2025/05/31 7:15 p.m. · 2 views

CVE-2025-5390

A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedeal.do of the component File Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. Th...

CVSS 9.8 · AI score 5.4 · EPSS 0.00173
Exploits 0 · References 3