66 matches found
CVE-2026-12081 Database for Contact Form 7, WPforms, Elementor forms < 1.5.2 - Unauthenticated PHP Object Injection via Entry File Field
The Database for Contact Form 7, WPforms, Elementor forms WordPress plugin before 1.5.2 does not restrict the PHP classes allowed when unserializing an attacker-supplied form-field value, allowing unauthenticated users to inject arbitrary PHP objects that are instantiated when an administrator...
CVE-2026-12081
CVE-2026-12081 affects the Database for Contact Form 7, WPforms, and Elementor forms WordPress plugin (versions before 1.5.2). The issue arises from unserializing an attacker-supplied form-field value without restricting PHP classes, allowing unauthenticated users to inject arbitrary PHP objects ...
CVE-2026-4885
The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafeajaxformbuilder' function in all versions up to, and including, 7.1.70. The plugin uses an incomplete extension blacklist that only blocks php, phpt,...
CVE-2026-4883
The Piotnet Forms plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'piotnetformsajaxformbuilder' function in all versions up to, and including, 2.1.40. The plugin uses an incomplete extension blacklist that only blocks php, phpt, php5, php7, a...
Stored Cross-Site Scripting (XSS) via uploaded files served inline in FileField and ImageField
EasyAdmin's FileField and ImageField accept browser-executable file types by default FileField applies no MIME/extension restrictions; ImageField's default Image constraint accepts SVG. When the upload directory is configured inside the public web root — as shown in the documentation — EasyAdmin...
EUVD-2026-30849
The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafeajaxformbuilder' function in all versions up to, and including, 7.1.70. The plugin uses an incomplete extension blacklist that only blocks php, phpt,...
PT-2026-41884
Name of the Vulnerable Software and Affected Versions Piotnet Forms versions prior to 2.1.41 Description An arbitrary file upload issue exists due to missing file type validation within the piotnetforms ajax form builder function. The software employs an incomplete extension blacklist that blocks...
CVE-2020-37234
Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data exceeding 5000 bytes into the 'Open the following file when done' field to...
CVE-2020-37234
CVE-2020-37234 concerns Internet Download Manager 6.38.12, where a buffer overflow in the Scheduler component allows local attackers to crash the application by feeding oversized input. Specifically, pasting data exceeding 5000 bytes into the 'Open the following file when done' field triggers a d...
CVE-2020-37234 Internet Download Manager 6.38.12 Scheduler Buffer Overflow
Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data exceeding 5000 bytes into the 'Open the following file when done' field to...
CVE-2020-37234 Internet Download Manager 6.38.12 Scheduler Buffer Overflow
Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data exceeding 5000 bytes into the 'Open the following file when done' field to...
EUVD-2020-31238
Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data exceeding 5000 bytes into the 'Open the following file when done' field to...
PT-2026-41434
Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malicious data exceeding 5000 bytes into the 'Open the following file when done' field to...
CVE-2026-6320 Salon Booking System – Free Version <= 10.30.25 - Unauthenticated Arbitrary File Read via Booking File Field Path Traversal
The Salon Booking System – Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 10.30.25. This is due to the public booking flow accepting attacker-controlled file-field values and later using those stored values as trusted paths for email...
school-management-system 代码问题漏洞
School-Management-System is a PHP-based school management system developed by Shubham Kumar, an individual developer. There are code vulnerabilities in School-Management-System, which stem from improper handling of parameters in the File field within the settings.php file. This could lead to...
WordPress WP Job Portal plugin <= 2.4.9 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field vulnerability
Authenticated Subscriber+ Arbitrary File Deletion via Resume Custom File Field vulnerability discovered by daroo in WordPress Plugin WP Job Portal versions = 2.4.9...
UBUNTU-CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...
CVE-2026-1556
CVE-2026-1556 affects Drupal 7.x (File (Field) Paths module). The vulnerability arises in the processing of file URIs for File (Field) Paths when filenames collide during uploads, allowing an authenticated user to disclose private files belonging to other users. This can cause hook_node_insert() ...
CVE-2026-1556 Information disclosure via file URI overwrite in File (Field) Paths
Information disclosure in the file URI processing of File Field Paths in Drupal File Field Paths 7.x prior to 7.1.3 on Drupal 7.x allows authenticated users to disclose other users’ private files via filename‑collision uploads. This can cause hooknodeinsert consumers for example, email attachment...