
933 matches found

CVE
added 2025/09/15 9:2 p.m. · 14 views

CVE-2025-10479

The CVE-2025-10479 entry concerns SourceCodester Online Student File Management System 1.0. The vulnerability is a SQL injection in the /index.php file triggered by manipulating the stud_no argument, with remote exploitation and an exploit publicly released. Multiple connected sources corroborate...

CVSS 9.8 · AI score 7.3 · EPSS 0.00398
Exploits: 1 · References: 5 · Affected Software: 1

Positive Technologies
added 2025/09/15 12:0 a.m. · 4 views

PT-2025-37772

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A security issue has been identified in SourceCodester Online Student File Management System. The vulnerability resides in the /remove file.php file, specifically...

CVSS 6.5 · AI score 6.4 · EPSS 0.00385
Exploits: 1 · References: 8

Positive Technologies
added 2025/09/15 12:0 a.m. · 4 views

PT-2025-37773

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A SQL injection issue exists in SourceCodester Online Student File Management System version 1.0. The issue is located in the /admin/index.php file, within an unkno...

CVSS 7.5 · AI score 7.5 · EPSS 0.00483
Exploits: 1 · References: 8

CNNVD
added 2025/09/15 12:0 a.m. · 1 view

SourceCodester Online Student File Management SQL Injection Vulnerability

SourceCodester Online Student File Management is a SourceCodester open source online student file management system. A SQL injection vulnerability exists in SourceCodester Online Student File Management version 1.0, which stems from incorrect manipulation of the parameter ID in the file...

CVSS 8.8 · AI score 6.9 · EPSS 0.00385
Exploits: 1 · References: 6

CNNVD
added 2025/09/15 12:0 a.m. · 3 views

SourceCodester Online Student File Management SQL Injection Vulnerability

SourceCodester Online Student File Management is a SourceCodester open source online student file management system. A SQL injection vulnerability exists in SourceCodester Online Student File Management version 1.0, which originates from an incorrect manipulation of the parameter studentno in the...

CVSS 9.8 · AI score 7.7 · EPSS 0.00398
Exploits: 1 · References: 6

CNNVD
added 2025/09/15 12:0 a.m. · 2 views

SourceCodester Online Student File Management Code Issue Vulnerability

SourceCodester Online Student File Management is a SourceCodester open source online student file management system. A code issue vulnerability exists in SourceCodester Online Student File Management version 1.0, which stems from an unrestricted upload function in file/savefile.php, which could...

CVSS 9.8 · AI score 6.8 · EPSS 0.00313
Exploits: 1 · References: 6

Positive Technologies
added 2025/09/15 12:0 a.m. · 3 views

PT-2025-37775

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A SQL injection flaw exists due to the manipulation of the firstname argument in the /admin/save user.php file. This manipulation can be carried out remotely. The...

CVSS 6.5 · AI score 6.4 · EPSS 0.00385
Exploits: 1 · References: 8

Positive Technologies
added 2025/09/15 12:0 a.m. · 5 views

PT-2025-37765

Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student File Management System version 1.0 Description: A weakness exists in SourceCodester Online Student File Management System 1.0 related to unrestricted file upload through manipulation of the /save file.php file an...

CVSS 6.5 · AI score 6.3 · EPSS 0.00313
Exploits: 1 · References: 8

CNNVD
added 2025/08/29 12:0 a.m. · 4 views

QNAP File Station 5 Code Issue Vulnerability

QNAP Systems File Station 5 is a file management application from QNAP Systems for browsing, uploading, downloading and managing files and folders stored on NAS devices, remote servers or external storage devices. A null pointer dereference vulnerability exists in QNAP Systems File Station 5, which ca...

CVSS 7.1 · AI score 6.7 · EPSS 0.00419
Exploits: 0 · References: 3

GithubExploit
added 2025/08/05 6:38 a.m. · 151 views

Exploit for Improper Access Control in Webmin

Webmin-CVE-2022-0824-Enhanced-Exploit !IMPORTANT Enhan...

CVSS 9 · AI score 7.5 · EPSS 0.96977
Exploits: 13

RedhatCVE
added 2025/08/04 9:33 a.m. · 12 views

CVE-2025-54789

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, which can lead to Browser JS code execution in the context of the user’s session. This is fixed i...

CVSS 6.1 · AI score 8 · EPSS 0.0025
Exploits: 0 · References: 1

NVD
added 2025/08/02 12:15 a.m. · 3 views

CVE-2025-54790

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, Files does not have logic to prevent the exploitation of backend SQL queries without direct output, potentially allowing unauthorized data access. This is fixed in version 0.16.10...

CVSS 9.2 · EPSS 0.00287
Exploits: 0 · References: 3

OSV
added 2025/08/01 11:26 p.m. · 3 views

CVE-2025-54789 Files is Vulnerable to Reflected Self-XSS through its File Move Functionality

Files is a module for managing files inside spaces and user profiles. In versions 0.16.9 and below, the File Move functionality does not contain logic that prevents injection of arbitrary JavaScript, which can lead to Browser JS code execution in the context of the user’s session. This is fixed i...

CVSS 5.1 · AI score 7.8 · EPSS 0.0025
Exploits: 0 · References: 5

Cvelist
added 2025/07/28 8:2 a.m. · 18 views

CVE-2025-8265 299Ko CMS File Management view unrestricted upload

A vulnerability classified as critical has been found in 299Ko CMS 2.0.0. This affects an unknown part of the file /admin/filemanager/view of the component File Management. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclose...

CVSS 5.8 · EPSS 0.00325
Exploits: 0 · References: 4

Vulnrichment
added 2025/07/28 8:2 a.m. · 2 views

CVE-2025-8265 299Ko CMS File Management view unrestricted upload

A vulnerability classified as critical has been found in 299Ko CMS 2.0.0. This affects an unknown part of the file /admin/filemanager/view of the component File Management. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclose...

CVSS 5.8 · AI score 4.8 · EPSS 0.00325
Exploits: 0 · References: 4

CVE
added 2025/07/28 8:2 a.m. · 22 views

CVE-2025-8265

CVE-2025-8265 affects 299Ko CMS 2.0.0 in the File Management component, specifically the /admin/filemanager/view path. The issue enables unrestricted file upload, with the root cause in that view, and can be initiated remotely. Multiple sources confirm a publicly disclosed exploit and that the vendor...

CVSS 5.8 · AI score 4.8 · EPSS 0.00325
Exploits: 0 · References: 4

Positive Technologies
added 2025/07/28 12:0 a.m. · 5 views

PT-2025-31055 · 299Ko CMS

Name of the Vulnerable Software and Affected Versions: 299Ko CMS version 2.0.0 Description: A critical vulnerability exists in the File Management component of 299Ko CMS 2.0.0. The issue involves unrestricted file upload through manipulation of the /admin/filemanager/view file. The attack can be...

CVSS 5.8 · AI score 4.6 · EPSS 0.00325
Exploits: 0 · References: 8

CNNVD
added 2025/07/28 12:0 a.m. · 1 view

299Ko Code Issue Vulnerability

299Ko is a simple, fast and lightweight open source content management system. A code issue vulnerability exists in 299Ko version 2.0.0, which stems from unrestricted upload in the File Management component, in the file /admin/filemanager/view...

CVSS 5.8 · AI score 5.1 · EPSS 0.00325
Exploits: 0 · References: 5

Cvelist
added 2025/07/25 1:20 p.m. · 8 views

CVE-2025-38409 drm/msm: Fix another leak in the submit error path

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path. put_unused_fd doesn't free the installed file, if we've already done fd_install. So we need to also free the sync_file. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

EPSS 0.00146
Exploits: 0 · References: 5

CNNVD
added 2025/07/17 12:0 a.m. · 1 view

Filez Security Vulnerability

Filez is an enterprise-grade file management platform from the Chinese company Filez. A security vulnerability exists in Filez that stems from an authentication bypass vulnerability that could lead to local privileged users accessing application data...

CVSS 8.4 · AI score 6.5 · EPSS 0.00158
Exploits: 0 · References: 1