102 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-32563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Thunar before 4.16.7 and 4.17.x before 4.17.2. When called with a regular file as a command-line argument, it delegates to a differen...
CVE-2025-8965
A vulnerability has been found in linlinjava litemall up to 1.8.0. This vulnerability affects the function create of the file litemall-admin-api/src/main/java/org/linlinjava/litemall/admin/web/AdminStorageController.java of the component Endpoint. The manipulation of the argument File leads to...
CVE-2025-8750
A vulnerability has been found in macrozheng mall up to 1.0.3 and classified as problematic. Affected by this vulnerability is the function Upload of the file /minio/upload of the component Add Product Page. The manipulation of the argument File leads to cross site scripting. The attack can be...
PT-2025-32431 · Minio +1 · Minio +1
Name of the Vulnerable Software and Affected Versions: macrozheng mall versions up to 1.0.3. Description: A vulnerability exists in the Upload function of the /minio/upload file within the Add Product Page component. Manipulation of the File argument can lead to cross-site scripting (XSS). This issu...
CVE-2025-5879
A vulnerability, which was classified as problematic, was found in WuKongOpenSource WukongCRM 9.0. This affects an unknown part of the file AdminSysConfigController.java of the component File Upload. The manipulation of the argument File leads to cross site scripting. It is possible to initiate t...
CVE-2024-6083
A vulnerability, which was classified as critical, was found in PHPVibe 11.0.46. Affected is an unknown function of the file /app/uploading/upload-mp3.php of the component Media Upload Page. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack...
CVE-2022-3939
A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by this issue is some unknown functionality of the file apis/public/file.go of the component API. The manipulation of the argument file leads to path traversal. The attack may be launched remotely...
SUSE-SU-2025:20336-1 Security update for ca-certificates-mozilla
This update for ca-certificates-mozilla fixes the following issues: - test for a concretely missing certificate rather than just the directory, as the latter is now also provided by openssl-3 - Re-create java-cacerts with SOURCE_DATE_EPOCH set for reproducible builds (bsc#1229003) - explicit remove...
Denial of Service (DoS)
Overview: org.jeecgframework.boot:jeecg-boot-parent is a low-code development platform. Affected versions of this package are vulnerable to Denial of Service (DoS) through the unzipFile function. An attacker can cause excessive resource consumption by manipulating the File argument. Details: Denial o...
CVE-2025-3327
A vulnerability was found in iteaj iboot 物联网网关 1.1.3 and classified as problematic. This issue affects some unknown processing of the file /common/upload/batch of the component File Upload. The manipulation of the argument File leads to cross site scripting. The attack may be initiated remotely...
PT-2025-13622 · Unknown · Bluestar Micro Mall
Name of the Vulnerable Software and Affected Versions: Bluestar Micro Mall version 1.0 Description: A critical vulnerability was found in Bluestar Micro Mall, affecting an unknown functionality of the file "/api/api.php?mod=upload&type=1". The manipulation of the File argument leads to unrestrict...
PT-2025-12451 · Unknown · Lzcms-Laozhangbokexitong
Name of the Vulnerable Software and Affected Versions: LzCMS-LaoZhangBoKeXiTong versions up to 1.1.4 Description: A critical issue affects some unknown functionality of the file /admin/upload/upimage.html, specifically the HTTP POST Request Handler component. The manipulation of the File argument...
CVE-2025-1676
A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has...
PT-2024-39538 · Unknown · Kalvingit Kvf-Admin
Name of the Vulnerable Software and Affected Versions: kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff Description: A critical issue has been found in the fileUpload function of the FileUploadKit.java file, allowing for unrestricted upload by manipulating the file argument. Thi...
PT-2024-39283 · Composiohq · Composio
Name of the Vulnerable Software and Affected Versions: composiohq composio versions up to 0.5.8 Description: A vulnerability was found in composiohq composio, classified as problematic. The issue affects the function path of the file composioserverapi.py. The manipulation of the file argument lea...
PT-2024-37989 · Prain · Prain
Name of the Vulnerable Software and Affected Versions: Prain versions up to 1.3.0 Description: A critical issue has been found in the HTTP POST Request Handler component, specifically affecting some unknown functionality of the file /?import. The manipulation of the file argument leads to code...
PT-2024-35943 · Unknown · Lakernote Easyadmin
Name of the Vulnerable Software and Affected Versions: lakernote EasyAdmin up to 20240324 Description: A problematic vulnerability has been found in lakernote EasyAdmin, affecting an unknown part of the file /sys/file/upload. The manipulation of the file argument leads to cross-site scripting. It...
CVE-2024-3766 slowlyo OwlAdmin Image File Upload upload_image cross site scripting
A vulnerability, which was classified as problematic, has been found in slowlyo OwlAdmin up to 3.5.7. Affected by this issue is some unknown functionality of the file /admin-api/uploadimage of the component Image File Upload. The manipulation of the argument file leads to cross site scripting. Th...
PT-2023-32842 · Unknown · Lightxun Iptv Gateway
Name of the Vulnerable Software and Affected Versions: Lightxun IPTV Gateway versions up to 20231208 Description: A vulnerability was found in the processing of the file /ZHGXTV/index.php/admin/index/web upload template.html. The manipulation of the file argument leads to unrestricted upload. The...