74 matches found
CVE-2025-59793
Rocket TRUfusion Enterprise through 7.10.5 exposes the endpoint at /axis2/services/WsPortalV6UpDwAxis2Impl to authenticated users to be able to upload files. However, the application doesn't properly sanitize the jobDirectory parameter, which allows path traversal sequences to be included. This...
CVE-2021-47899
YetiShare File Hosting Script 5.1.0 contains a server-side request forgery vulnerability that allows attackers to read local system files through the remote file upload feature. Attackers can exploit the url parameter in the urluploadhandler endpoint to access sensitive files like /etc/passwd by...
GHSA-3558-J79F-VVM6 Gin-vue-admin has arbitrary file upload vulnerability caused by path traversal
Impact Gin-vue-admin = v2.8.7 has a path traversal vulnerability in the breakpoint resume upload functionality. Attacker can upload any files on any directory. Path traversal vulnerabilities occur when a web application accepts user-supplied file paths without proper validation, allowing attacker...
Arbitrary File Upload
Overview github.com/flipped-aurora/gin-vue-admin/server/utils is a Vue-based admin system Affected versions of this package are vulnerable to Arbitrary File Upload via the MakeFile function in the breakpoint resume upload process. An attacker can write arbitrary files to any directory by supplyin...
CVE-2024-58279 appRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager Upload
appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by...
CVE-2025-27224
TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload files. However, the application doesn't properly sanitize the input to this endpoint, ultimately allowing path traversal sequences to be included. This can be used to write to any filename with any file...
EUVD-2025-22350
Malicious code in bioql PyPI...
GitLab 7.8 < 18.1.6 / 18.2 < 18.2.6 / 18.3 < 18.3.2 (CVE-2025-7337)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - The vulnerability exists due to insufficient validation of user-supplied input in endpoint file upload. A remote user can pass specially crafted input to the application and perform a denial of servic...
CVE-2025-34163
Dongsheng Logistics Software exposes an unauthenticated endpoint at /CommMng/Print/UploadMailFile that fails to enforce proper file type validation and access control. An attacker can upload arbitrary files, including executable scripts such as .ashx, via a crafted multipart/form-data POST reques...
Badaso CMS file upload vulnerability
An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Media Manager allows authenticated users to upload files containing embedded PHP code via the file-upload endpoint, bypassing content-type validation. When such a file is accessed via its URL, the server executes the PHP payload,...
Qiyuesuo Eelectronic Signature Platform 代码问题漏洞
Qiyuesuo Eelectronic Signature Platform is an e-signature and e-contract management platform from China Contract Lock Qiyuesuo. A code issue vulnerability exists in Qiyuesuo Eelectronic Signature Platform version 4.34 and earlier, which stems from improper handling of the parameter File in...
SpringBoot_MyBatisPlus 代码问题漏洞
SpringBootMyBatisPlus is a SpringBoot integration with MyBatisPlus by Siwei Zhou, an individual developer. A code issue vulnerability exists in SpringBootMyBatisPlus, which stems from a wrong operation of the parameter portraitFile in file/file/upload leading to arbitrary file uploads...
CVE-2022-40050
ZFile v4.1.1 was discovered to contain an arbitrary file upload vulnerability via the component /file/upload/1...
CVE-2025-4893 jammy928 CoinExchange_CryptoExchange_Java File Upload Endpoint UploadFileUtil.java uploadLocalImage path traversal
A vulnerability classified as critical has been found in jammy928 CoinExchangeCryptoExchangeJava up to 8adf508b996020d3efbeeb2473d7235bd01436fa. This affects the function uploadLocalImage of the file...
CVE-2025-4868 merikbest ecommerce-spring-reactjs File Upload Endpoint admin path traversal
A vulnerability was found in merikbest ecommerce-spring-reactjs up to 464e610bb11cc2619cf6ce8212ccc2d1fd4277fd. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/v1/admin/ of the component File Upload Endpoint. The manipulation of the argument...
CVE-2025-4868
CVE-2025-4868 affects merikbest ecommerce-spring-reactjs (up to commit 464e610bb11cc2619cf6ce8212ccc2d1fd4277fd). The vulnerability is a path traversal flaw in the File Upload Endpoint, specifically in the file upload handler at /api/v1/admin/ where the filename argument can be manipulated to tra...
PT-2025-21861 · Unknown · Coinexchange Cryptoexchange Java
Name of the Vulnerable Software and Affected Versions: CoinExchange CryptoExchange Java up to 8adf508b996020d3efbeeb2473d7235bd01436fa Description: A critical vulnerability has been found in CoinExchange CryptoExchange Java, affecting the uploadLocalImage function of the File Upload Endpoint. The...
ecommerce-spring-reactjs 路径遍历漏洞
ecommerce-spring-reactjs is an e-commerce webstore by the individual developer Miroslav Khotinskiy. A path traversal vulnerability exists in ecommerce-spring-reactjs, which stems from incorrect manipulation of the parameter filename in the component File Upload Endpoint resulting in path traversa...
CVE-2024-8736 Denial of Service (DoS) via Multipart Boundary in parisneo/lollms-webui
A Denial of Service DoS vulnerability exists in multiple file upload endpoints of parisneo/lollms-webui version V12 Strawberry. The vulnerability can be exploited remotely via Cross-Site Request Forgery CSRF. Despite CSRF protection preventing file uploads, the application still processes multipa...
DB-GPT 安全漏洞
DB-GPT is an AWEL and agent-based AI native data application development framework open-sourced by eosphoros. A security vulnerability exists in DB-GPT version 0.6.0, which stems from an absolute path traversal vulnerability in the file upload endpoint, which allows an attacker to upload any file...