5489 matches found
CVE-2026-41877 Stored XSS in R-SOFT DMS
R-SOFT DMS is vulnerable to Stored XSS in file upload functionality. Authenticated attacker can inject arbitrary HTML and JS into the name of the file being uploaded, which will be executed when visiting file list or upload status by other users. This issue was fixed in version v3.19-2832 and...
CVE-2026-15282
The Instant Appointment plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'insappuploadimageasattachment' function in all versions up to, and including, 1.2. This makes it possible for unauthenticated attackers to upload arbitrary files on the...
WordPress Simple File List <=4.2.2 - Remote Code Execution
An unrestricted file upload vulnerability in the WordPress Simple File List plugin before version 4.2.3 allows unauthenticated remote attackers to achieve remote code execution. The plugin's upload endpoint ee-upload-engine.php restricts file uploads based on extension, but lacks proper validatio...
LyLme-Spage - Arbitary File Upload
An arbitrary file upload vulnerability in the component /include/file.php of lylmespage v1.9.5 allows attackers to execute arbitrary code via uploading a crafted file. id: CVE-2024-34982 info: name: LyLme-Spage - Arbitary File Upload author: DhiyaneshDk severity: high description: | An arbitrary...
Melis Technology Melis Platform - Unrestricted File Upload & Remote Code Execution
Melis Technology Melis Platform contains an unrestricted file upload caused by insufficient validation of 'mcsdetailimg' parameter in /melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm, letting attackers upload malicious files and achieve remote code execution, exploit requires crafted...
Cisco IOS XE WLC - Arbitrary File Upload
A vulnerability in the Out-of-Band Access Point AP Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.This vulnerability is due to the presence of a hard-coded JSON Web...
Sangfor OSM - Arbitrary File Upload
Sangfor Operation and Maintenance Management System = 3.0.8 contains an unrestricted file upload vulnerability caused by manipulation of the "File" argument in /fort/trust/version/common/common.jsp, letting remote attackers upload arbitrary files, exploit requires no special privileges. id:...
FlowiseAI Flowise <= 2.2.6 - Arbitrary File Upload
FlowiseAI Flowise version 2.2.6 and below contains an arbitrary file upload vulnerability in the /api/v1/attachments endpoint. This vulnerability allows an unauthenticated attacker to upload files outside the intended directory through path traversal, potentially leading to API key exposure and...
Samsung MagicINFO 9 Server - File Upload & Remote Code Execution
Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9 Server version before 21.1052 allows attackers to write arbitrary file as system authority. id: CVE-2025-4632 info: name: Samsung MagicINFO 9 Server - File Upload & Remote Code Execution author: s4e-i...
InstaWP Connect <= 0.1.0.22 - Unauthenticated Arbitrary File Upload
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...
WP Mobile Detector <= 3.5 - Unrestricted File Upload
WP Mobile Detector plugin for WordPress = 3.5 contains an unrestricted file upload vulnerability caused by missing file type validation in resize.php, letting unauthenticated attackers upload arbitrary files, potentially leading to remote code execution. id: CVE-2016-15043 info: name: WP Mobile...
EUVD-2025-13499
Open WebUI allows limited stored XSS vila uploaded html file...
EUVD-2026-42008
Relative path traversal vulnerability in MicroRealEstate file upload functionality allows attackers to potentially overwrite system files. This issue affects MicroRealEstate: through 1.0.0-alpha3...
CVE-2026-42145
CVE-2026-42145 —Coolify prior to 4.0.0-beta.474 has a vulnerable file upload endpoint (app/Http/Controllers/UploadController.php) for database backup restores that did not enforce file type or size validation. An authenticated user could upload unexpected or oversized files, potentially impacting...
WordPress Database for Contact Form 7, WPforms, Elementor forms plugin <= 1.5.1 - Unauthenticated Arbitrary File Copy/Upload vulnerability
Unauthenticated Arbitrary File Copy/Upload vulnerability discovered by Jonah Burgess CryptoCat in WordPress Plugin Contact Form Entries versions = 1.5.1...
CVE-2026-58170
Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitization agent/src/live/mandate/commit.py. A proposal identifier containing path traversal sequences causes the application to load an...
EUVD-2026-40351
Vibe-Trading before 0.1.10 builds the proposal file path by joining a caller-supplied proposal identifier onto the broker proposals directory without sanitization agent/src/live/mandate/commit.py. A proposal identifier containing path traversal sequences causes the application to load an...
CVE-2026-11589
Technical details about CVE-2026-11589 are not publicly available in the provided documents. Monitor for updates from official advisories and vendor advisories for affected versions, impact, and fixes.
PYSEC-2026-323 DB-GPT Absolute Path Traversal vulnerability
In eosphoros-ai/db-gpt version 0.6.0, the endpoint for uploading files is vulnerable to absolute path traversal. This vulnerability allows an attacker to upload arbitrary files to arbitrary locations on the target server. The issue arises because the filekey and docfile.filename parameters are...
CVE-2026-9772
Unraid Web Server FileUpload Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Unraid. Authentication is required to exploit this vulnerability. The specific flaw exists within FileUpload.php. T...