1017 matches found
CVE-2025-15415
A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function uploadImage of the file /sits/uploadImage.do of the component XML File Handler. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2025-15415 xnx3 wangmarket XML File uploadImage.do uploadImage unrestricted upload
A vulnerability has been found in xnx3 wangmarket up to 6.4. The impacted element is the function uploadImage of the file /sits/uploadImage.do of the component XML File Handler. The manipulation of the argument image leads to unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2025-15415
The CVE concerns xnx3 wangmarket (up to 6.4) in the XML File Handler, specifically the uploadImage function at /sits/uploadImage.do. The issue arises from manipulating the image parameter, enabling unrestricted file uploads and remote exploitation. Public exploitation has been disclosed; vendor d...
PT-2026-20644
Name of the Vulnerable Software and Affected Versions Open Babel versions prior to 3.1.2 Description A flaw exists in Open Babel up to version 3.1.1 related to an out-of-bounds read issue. The issue is located within the OBAtom::SetFormalCharge function in the include/openbabel/atom.h library,...
PT-2026-20643
Name of the Vulnerable Software and Affected Versions Open Babel versions prior to 3.1.2 Description A security issue exists in Open Babel up to version 3.1.1. The issue involves an out-of-bounds read within the OpenBabel::transform3d::DescribeAsString function located in the...
CVE-2025-15187
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing a manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made...
CVE-2025-15187
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing a manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made...
CVE-2025-15187
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing a manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made...
CVE-2025-15187
GreenCMS up to version 2.3 is affected by a path traversal in the File Handler’s DataController.class.php, where manipulating sqlFiles/zipFiles enables traversal. The issue is remote and publicly exploitable; affected products are no longer supported by the maintainer. No remediation or fixed ver...
CVE-2025-15187
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing a manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made...
EUVD-2025-205573
A vulnerability was found in GreenCMS up to 2.3. This affects an unknown part of the file /DataController.class.php of the component File Handler. Performing manipulation of the argument sqlFiles/zipFiles results in path traversal. The attack can be initiated remotely. The exploit has been made...
GreenCMS 路径遍历漏洞
GreenCMS is GreenCMS open source a content management system CMS based on ThinkPHP development. A path traversal vulnerability exists in GreenCMS 2.3 and earlier versions, which stems from incorrect manipulation of the parameter sqlFiles/zipFiles in the file/DataController.class.php of the...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
EUVD-2025-201856
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
CVE-2025-14286
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
CVE-2025-14286
The CVE-2025-14286 entry concerns Tenda AC9 devices with version 15.03.05.14_multi. The vulnerability targets the file /cgi-bin/DownloadCfg.jpg in the Configuration File Handler, where an unknown functionality can be manipulated to disclose information. The issue can be exploited remotely, and pu...
CVE-2025-14286 Tenda AC9 Configuration File DownloadCfg.jpg information disclosure
A vulnerability was determined in Tenda AC9 15.03.05.14multi. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/DownloadCfg.jpg of the component Configuration File Handler. This manipulation causes information disclosure. The attack may be initiated remotely. The...
PT-2025-49758
Name of the Vulnerable Software and Affected Versions Tenda AC9 version 15.03.05.14 multi Description A flaw exists in Tenda AC9 version 15.03.05.14 multi related to an unknown functionality within the /cgi-bin/DownloadCfg.jpg file of the Configuration File Handler component. This issue allows fo...
CVE-2025-13784
A weakness has been identified in yungifez Skuul School Management System up to 2.6.5. This vulnerability affects unknown code of the file /dashboard/schools/1/edit of the component SVG File Handler. This manipulation causes cross site scripting. The attack is possible to be carried out remotely...