CVE-2025-10041

The CVE-2025-10041 entry concerns the Flex QR Code Generator WordPress plugin. Affected versions include all up to and including 1.2.5, where missing file type validation in the save_qr_code_to_db() function allows unauthenticated arbitrary file uploads, potentially enabling remote code execution...

EUVD-2025-34572

The DocoDoco Store Locator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the zip upload functionality in all versions up to, and including, 1.0.1. This makes it possible for authenticated attackers, with Editor-level access and above, to uploa...

SAP Supplier Relationship Management 代码问题漏洞

SAP Supplier Relationship Management SRM is a supplier relationship management solution from SAP, Germany. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functionality such as invoicing. A code issue vulnerability exists in SA...

school-management-system 代码问题漏洞

school-management-system is a school management system developed in PHP for schools or small organizations by Shubham kumar individual developer. A code issue vulnerability exists in school-management-system, which stems from incorrect manipulation of the parameter File in the file...

CVE-2025-33096 IBM Engineering Requirements Management Doors Next denial of service

IBM Engineering Requirements Management Doors Next 7.0.2, 7.0.3, and 7.1 could allow an authenticated user to cause a denial of service by uploading specially crafted files using uncontrolled recursion...

WordPress plugin Ovatheme Events Manager 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A code issue...

PT-2025-41661

Name of the Vulnerable Software and Affected Versions Ovatheme Events Manager plugin for WordPress versions up to and including 1.8.5 Description The Ovatheme Events Manager plugin for WordPress is susceptible to arbitrary file uploads because of a lack of file type validation. This occurs in the...

BIT-KIBANA-2025-25009 Kibana Cross-Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload...

Campcodes Advanced Online Voting Management System 代码问题漏洞

CampCodes Advanced Online Voting Management System is an advanced online voting management system from CampCodes Philippines, Inc. A code issue vulnerability exists in Campcodes Advanced Online Voting Management System version 1.0, which stems from the incorrect manipulation of the parameter phot...

EUVD-2005-1379

Malware in sbrugna...

EUVD-2006-3932

Malware in sbrugna...

EUVD-2017-5497

Malware in sbrugna...

EUVD-2019-16976

Malware in sbrugna...

EUVD-2013-1939

Malware in sbrugna...

EUVD-2017-11833

Malware in sbrugna...

EUVD-2017-18215

Malware in sbrugna...

EUVD-2018-13531

Malware in sbrugna...

EUVD-2009-5121

Malware in sbrugna...

EUVD-2021-0064

Malware in sbrugna...

EUVD-2019-5241

Malware in sbrugna...