3575 matches found
WordPress plugin Salon Booking System security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...
PT-2025-37106
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.11 through 18.3.2. Description: An issue has been discovered in GitLab CE/EE that allows authenticated users to make unintended internal requests through proxy environments by injecting crafted sequences. The vulnerabili...
Linux Distros Unpatched Vulnerability : CVE-2025-1385
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a...
Gitlab -- Vulnerabilities
Gitlab reports: Denial of Service issue in SAML Responses impacts GitLab CE/EE; Server-Side Request Forgery issue in Webhook custom header impacts GitLab CE/EE; Denial of Service issue in User-Controllable Fields impacts GitLab CE/EE; Denial of Service issue in endpoint file upload impacts GitLab...
Linux Distros Unpatched Vulnerability : CVE-2017-9840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr ERP/CRM 5.0.3 and prior allows low-privilege users to upload files of dangerous types, which can result in arbitrary code execution within the context ...
Linux Distros Unpatched Vulnerability : CVE-2020-14209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution. This occurs because .pht and .phar...
Linux Distros Unpatched Vulnerability : CVE-2018-10092
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and...
CVE-2025-58180
CVE-2025-58180 affects OctoPrint ≤ 1.11.2. An authenticated attacker able to upload files can craft a filename that, when interpolated into a system event handler command, leads to arbitrary command execution on the host via a FileAdded event. The vulnerability relies on insufficient sanitization...
SAP NetWeaver AS Java code injection vulnerability
SAP NetWeaver AS Java is a platform system from SAP, a German company. A code injection vulnerability exists in SAP NetWeaver AS Java that originates from allowing the uploading of arbitrary files, which could lead to full control of the system...
Halo security vulnerability
Halo is a powerful and easy-to-use open source website builder from Halo Open Source. A security vulnerability exists in Halo v2.20.17 and earlier versions, which stems from a server-side request forgery that could lead to the upload of malicious files...
CVE-2025-9113
The Doccure Core plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'doccure_temp_upload_to_media' function in all versions up to, and including, 1.5.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...
CVE-2025-9113
CVE-2025-9113 concerns the Doccure WordPress theme. The vulnerability is an unauthenticated arbitrary file upload due to missing file-type validation in the doccure_temp_upload_to_media function, affecting all versions up to and including 1.4.8. Consequence: potential remote code execution on the...
WordPress plugin Doccure code issue vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue...
SourceCodester Petshop Management System code issue vulnerability
SourceCodester Petshop Management System is an open source pet store management system from SourceCodester. A code issue vulnerability exists in SourceCodester Petshop Management System version 1.0, which stems from improper handling of parameters in the /admin/profile.php file, which can lead to...
CVE-2025-25048
IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a restricted directory...
CVE-2025-20287
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based...
CVE-2025-25048 IBM Jazz Foundation path traversal
IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002 could allow an authenticated user to upload files to the system due to improper neutralization of sequences that can resolve to a restricted directory...
CodeAstro Real Estate Management System code issue vulnerability
CodeAstro Real Estate Management System is a real estate management system from CodeAstro. A code issue vulnerability exists in CodeAstro Real Estate Management System version 1.0, which stems from improper manipulation of the parameter uimage in the file /register.php, which could lead to...
IBM Jazz Foundation security vulnerability
IBM Jazz Foundation is a next-generation collaboration platform for software delivery technology from International Business Machines (IBM). A security vulnerability exists in IBM Jazz Foundation versions 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7.1.0 iFix002, whi...
WordPress plugin Make Connector security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...