CVE-2026-27621

TypiCMS is a multilingual content management system based on the Laravel framework. A Stored Cross-Site Scripting XSS vulnerability exists in the file upload module of TypiCMS prior to version 16.1.7. The application allows users with file upload permissions to upload SVG files. While there is a...

EUVD-2026-8598

TypiCMS Core has Stored Cross-Site Scripting XSS via SVG File Upload...

TypiCMS 跨站脚本漏洞

TypiCMS is an open-source content management system developed by TypiCMS. Versions of TypiCMS prior to 16.1.7 had a cross-site scripting vulnerability. This vulnerability stemmed from the file upload module not clearing the content of SVG files, which could lead to storage-based cross-site...

CVE-2022-27263

An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...

EUVD-2006-5223

Malware in sbrugna...

EUVD-2025-24152

Malicious code in bioql PyPI...

EUVD-2023-44433

Malicious code in bioql PyPI...

EUVD-2022-31769

Malicious code in bioql PyPI...

EUVD-2025-29650

Malicious code in bioql PyPI...

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

CVE-2025-57631

SQL Injection vulnerability in TDuckCloud v.5.1 allows a remote attacker to execute arbitrary code via the Add a file upload module...

PT-2025-38072

Name of the Vulnerable Software and Affected Versions: TDuckCloud version 5.1 Description: A SQL Injection issue exists in TDuckCloud version 5.1, allowing a remote attacker to execute arbitrary code through the Add a file upload module. Recommendations: At the moment, there is no information abo...

CVE-2025-57631

TDuckCloud CVE-2025-57631 is a SQL injection affecting TDuckCloud v5.1 through the file-upload module, enabling a remote attacker to execute arbitrary code. The CVE’s metrics show a high-severity, network-exploitable impact with no user interaction required. The available connected documents conf...

PT-2025-34490 · Salesforce · Tableau Desktop +1

Name of the Vulnerable Software and Affected Versions: Tableau Server and Tableau Desktop versions prior to 2025.1.3 Tableau Server and Tableau Desktop versions prior to 2024.2.12 Tableau Server and Tableau Desktop versions prior to 2023.3.19 Description: A 'Type Confusion' vulnerability exists i...

CVE-2025-8859

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

CVE-2025-8859

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

CVE-2025-8859

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...

CVE-2025-8859 code-projects eBlog Site File Upload save-slider.php unrestricted upload

A vulnerability was identified in code-projects eBlog Site 1.0. Affected by this vulnerability is an unknown functionality of the file /native/admin/save-slider.php of the component File Upload Module. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit...