932 matches found
CVE-2022-0403
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues CVE-2021-32682, and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any authenticated users,...
CVE-2026-22234
OPEXUS eCasePortal before version 9.0.45.0 allows an unauthenticated attacker to navigate to the 'Attachments.aspx' endpoint, iterate through predictable values of 'formid', and download or delete all user-uploaded files, or upload new files...
CVE-2025-15404
A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /savefile.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclose...
CVE-2025-15404
A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /savefile.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclose...
CVE-2025-15404
A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /savefile.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclose...
EUVD-2026-0018
A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /savefile.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclose...
CVE-2025-15404 campcodes School File Management System save_file.php unrestricted upload
A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /savefile.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclose...
CVE-2025-15404
CVE-2025-15404 affects CampCodes School File Management System 1.0. A vulnerability in an unknown function within /save_file.php allows manipulation of the File argument that leads to unrestricted upload. The issue appears to be exploitable remotely, and multiple sources indicate the exploit has ...
CVE-2025-15404 campcodes School File Management System save_file.php unrestricted upload
A security vulnerability has been detected in campcodes School File Management System 1.0. The affected element is an unknown function of the file /savefile.php. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclose...
PT-2026-1004
Name of the Vulnerable Software and Affected Versions campcodes School File Management System version 1.0 Description A security issue exists in campcodes School File Management System 1.0. The issue involves unrestricted file upload due to manipulation of the File argument within an unknown...
CampCodes School File Management System 代码问题漏洞
CampCodes School File Management System is a school file management system from CampCodes Philippines. A code issue vulnerability exists in CampCodes School File Management System version 1.0, which stems from an incorrect manipulation of the parameter File in the file /savefile.php resulting in ...
CVE-2025-15213
A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument storeid leads to improper authorization. The attack is possible to be...
Student File Management System download.php File SQL Injection Vulnerability
Student File Management System is a student file management system. A SQL injection vulnerability exists in Student File Management System due to mishandling of the istoreid parameter by an unknown function module in the /download.php file. An attacker can use this vulnerability to obtain or tamp...
CVE-2025-15205
A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istoreid leads to sql injection. The attack can be initiated remotely. The exploit is publicly...
CVE-2025-15213
A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument storeid leads to improper authorization. The attack is possible to be...
EUVD-2025-205679
A vulnerability has been found in code-projects Student File Management System 1.0. The affected element is an unknown function of the file /download.php of the component File Download Handler. The manipulation of the argument storeid leads to improper authorization. The attack is possible to be...
CVE-2025-15213
The CVE concerns code-projects Student File Management System 1.0, specifically the File Download Handler’s file /download.php. The vulnerability stems from improper authorization caused by manipulating the store_id argument, enabling remote exploitation. Documentation consistently notes that the...
PT-2025-53831
Name of the Vulnerable Software and Affected Versions code-projects Student File Management System version 1.0 Description An improper authorization issue exists in the File Download Handler component of code-projects Student File Management System version 1.0. The issue is due to the manipulatio...
CVE-2025-15205
A vulnerability was identified in code-projects Student File Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /download.php. The manipulation of the argument istoreid leads to sql injection. The attack can be initiated remotely. The exploit is publicly...
CVE-2025-15205
CVE-2025-15205 affects code-projects’ Student File Management System 1.0. The vulnerability is a SQL injection in the file /download.php triggered by manipulating the istore_id parameter, allowing remote exploitation and potentially exposing or tampering with database information. Public exploit ...