
37 matches found

CNVD
added 2026/01/19 12:0 a.m. | 1 views

Microsoft Windows File Explorer Information Disclosure Vulnerability (CNVD-2026-10673)

Microsoft Windows File Explorer is a file manager application from Microsoft USA. An information disclosure vulnerability exists in Microsoft Windows File Explorer, which can be exploited by attackers to obtain sensitive information...

5.5 CVSS | 5.6 AI score | 0.00057 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/09 10:56 a.m. | 1 views

CVE-2022-38296

Cuppa CMS v1.0 was discovered to contain an arbitrary file upload vulnerability via the File Manager...

9.8 CVSS | 7.6 AI score | 0.60925 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/09 9:58 a.m. | 6 views

CVE-2020-7935

Artica Pandora FMS through 7.42 is vulnerable to remote PHP code execution because of an Unrestricted Upload Of A File With A Dangerous Type issue in the File Manager. An attacker can create a (or use an existing) directory that is externally accessible to store PHP files. The filename and the exac...

7.2 CVSS | 7.2 AI score | 0.00445 EPSS
Exploits: 1 | References: 1

EUVD
added 2025/12/19 9:5 p.m. | 2 views

EUVD-2025-204594

Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upload malicious PHP scripts to the web root directory, enabling remote code execution on the server...

8.8 CVSS | 7.8 AI score | 0.00166 EPSS
Exploits: 0 | References: 4

Positive Technologies
added 2025/12/17 12:0 a.m. | 1 views

PT-2025-51966

Name of the Vulnerable Software and Affected Versions: PHPFusion version 9.10.30. Description: The software contains a stored cross-site scripting issue in the file manager. Attackers can upload malicious SVG files containing embedded JavaScript. These files, when viewed, can execute arbitrary...

5.4 CVSS | 6.2 AI score | 0.00025 EPSS
Exploits: 1 | References: 6

OSV
added 2025/11/10 11:15 p.m. | 1 views

CVE-2025-63678

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file...

7.2 CVSS | 6.1 AI score
Exploits: 0 | References: 1

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2018-9800

Malware in sbrugna...

7.5 CVSS | 7.6 AI score | 0.00204 EPSS
Exploits: 3 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2006-6239

Malware in sbrugna...

6.8 CVSS | 6.4 AI score | 0.02467 EPSS
Exploits: 0 | References: 10

EUVD
added 2025/10/07 12:30 a.m. | 1 views

EUVD-2016-6457

Malware in sbrugna...

4.3 CVSS | 5.2 AI score | 0.00152 EPSS
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:7 p.m. | 1 views

EUVD-2023-1294

Malicious code in bioql PyPI...

6.5 CVSS | 6.5 AI score | 0.00578 EPSS
Exploits: 0 | References: 7

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-51988

Malicious code in bioql PyPI...

9.1 CVSS | 8.9 AI score | 0.05808 EPSS
Exploits: 3 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2021-8696

Malicious code in bioql PyPI...

9.1 CVSS | 7.9 AI score | 0.0037 EPSS
Exploits: 1 | References: 1

CNNVD
added 2025/09/16 12:0 a.m. | 1 views

osCommerce Security Vulnerability

osCommerce is an open source online shopping e-commerce solution based on the GNU GPL license from osCommerce, Inc. A security vulnerability exists in osCommerce 2.2 RC2a and earlier versions, which stems from a lack of input validation and access control in the Manage File Manager tool, and could...

9.3 CVSS | 6.9 AI score | 0.76356 EPSS
Exploits: 0 | References: 6

CVE
added 2025/08/04 6:4 p.m. | 19 views

CVE-2013-10054

CVE-2013-10054 affects LibrettoCMS (1.1.7 and possibly earlier) via the File Manager plugin. The upload handler at adm/ui/js/ckeditor/plugins/pgrfilemanager/php/upload.php does not properly validate file extensions, allowing unauthenticated upload of files that can be renamed to executable .php s...

9.3 CVSS | 7.7 AI score | 0.82423 EPSS
Exploits: 0 | References: 5

Snyk
added 2025/07/18 3:31 p.m. | 2 views

Arbitrary File Upload

Overview: simogeo/filemanager is an open-source file manager. This package is DEPRECATED. Affected versions of this package are vulnerable to Arbitrary File Upload via the isallowedfiletype function. An attacker can achieve remote code execution by uploading a specially crafted PHP file. Remediati...

9.8 CVSS | 8.2 AI score | 0.01447 EPSS
Exploits: 1 | References: 2

CNNVD
added 2025/07/17 12:0 a.m. | 2 views

Bluebird Security Vulnerability

Bluebird is an application from Bluebird South Korea that is used to lock a device into a dedicated mode, restricting a user's access to only specified features or applications. A security vulnerability exists in Bluebird version 1.4.4, which stems from the File Manager application exposing an...

8.5 CVSS | 6.5 AI score | 0.00129 EPSS
Exploits: 0 | References: 1

NVD
added 2025/07/07 3:15 a.m. | 3 views

CVE-2025-7108

A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6.7. Affected by this vulnerability is the function deleteFile of the file...

5.5 CVSS | 0.00282 EPSS
Exploits: 0 | References: 4

RedhatCVE
added 2025/05/23 5:31 a.m. | 3 views

CVE-2023-29200

Contao is an open source content management system. Prior to versions 4.9.40, 4.13.21, and 5.1.4, logged in users can list arbitrary system files in the file manager by manipulating the Ajax request. However, it is not possible to read the contents of these files. Users should update to Contao...

6.5 CVSS | 6.6 AI score | 0.00578 EPSS
Exploits: 0 | References: 1

RedhatCVE
added 2025/05/22 10:53 p.m. | 3 views

CVE-2022-3125

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE...

8.8 CVSS | 6.6 AI score | 0.01508 EPSS
Exploits: 2 | References: 1

RedhatCVE
added 2025/05/22 7:8 p.m. | 4 views

CVE-2021-20651

Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors...

9.1 CVSS | 7.2 AI score | 0.01227 EPSS
Exploits: 0 | References: 1