PT-2025-47084

Name of the Vulnerable Software and Affected Versions Jiusi OA versions prior to 20251103 Description A security issue has been identified in Jiusi OA. The issue involves unrestricted upload capabilities through manipulation of the FileData argument within an unknown function of the...

EUVD-2025-28914

Malicious code in bioql PyPI...

openDCIM Cross-Site Scripting Vulnerability

openDCIM is openDCIM open source a data center inventory management DCIM application . openDCIM version 23.04 cross-site scripting vulnerability , the vulnerability stems from the file /scripts/uploadifive.php parameter Filedata on the user-supplied data lack of effective filtering and escaping ,...

CVE-2025-10253

A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument Filedata leads to cross site scripting. The attack can be launched remotely. The exploit has been...

CVE-2025-10253 openDCIM SVG File uploadifive.php cross site scripting

A vulnerability has been found in openDCIM 23.04. This vulnerability affects unknown code of the file /scripts/uploadifive.php of the component SVG File Handler. Such manipulation of the argument Filedata leads to cross site scripting. The attack can be launched remotely. The exploit has been...

CVE-2025-10253

CVE-2025-10253 affects openDCIM 23.04; the vulnerable component is the SVG File Handler’s /scripts/uploadifive.php, where manipulation of the Filedata argument enables cross-site scripting. The issue is triggered remotely via user-controlled input, with exploit maturity noted as a proof-of-concep...

openDCIM 安全漏洞

openDCIM is openDCIM open source a data center inventory management DCIM application . openDCIM version 23.04 cross-site scripting vulnerability , the vulnerability stems from the file /scripts/uploadifive.php parameter Filedata on the user-supplied data lack of effective filtering and escaping ,...

VulnCheck KEV: CVE-2023-2648

A vulnerability was found in Weaver E-Office 9.5. It has been classified as critical. This affects an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the argument Filedata leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit...

PT-2023-26217 · Gen Technology · Gen Technology Four Mountain Torrent Disaster Prevention/Control Of Monitoring/Early Warning System

Name of the Vulnerable Software and Affected Versions: Gen Technology Four Mountain Torrent Disaster Prevention and Control of Monitoring and Early Warning System up to 20230712 Description: A critical issue was found in the system, affecting the /Duty/AjaxHandle/UploadFloodPlanFileUpdate.ashx...

PT-2023-25494 · Suncreate · Suncreate Mountain Flood Disaster Prevention Monitoring/Early Warning System

Name of the Vulnerable Software and Affected Versions: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System up to 20230706 Description: A critical issue was discovered, affecting the /Duty/AjaxHandle/Write/UploadFile.ashx file of the Duty Write-UploadFile component. Th...

PT-2023-25490 · Suncreate · Suncreate Mountain Flood Disaster Prevention Monitoring/Early Warning System

Name of the Vulnerable Software and Affected Versions: Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System versions up to 20230704 Description: A critical issue affects some unknown functionality of the file /Duty/AjaxHandle/UploadHandler.ashx of the component Duty...

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 代码问题漏洞

Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System is a flash flood prevention monitoring and early warning system from Suncreate. A code issue vulnerability exists in Suncreate Mountain Flood Disaster Prevention Monitoring and Early Warning System 20230706 and earli...

PT-2023-20671 · Unknown +1 · Weaver E-Office +1

Name of the Vulnerable Software and Affected Versions: Weaver E-Office version 9.5 Description: A critical issue has been found, affecting an unknown part of the file /inc/jquery/uploadify/uploadify.php. The manipulation of the Filedata argument leads to unrestricted upload. It is possible to...

Weaver E-Office 代码问题漏洞

Weaver E-Office is a collaborative office system from China's Panavision Technologies Weaver. A code issue vulnerability exists in Weaver E-Office version 9.5, which stems from a problem with the file /inc/jquery/uploadify/uploadify.php, where manipulation of the parameter Filedata can result in...

CVE-2008-0503

Eval injection vulnerability in admin/op/disp.php in Netwerk Smart Publisher 1.0.1 allows remote attackers to execute arbitrary PHP code via the filedata parameter...