Lucene search
K

158 matches found

NVD
NVD
added 2026/07/04 5:16 p.m.8 views

CVE-2026-14636

A weakness has been identified in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 23105f25dadf57b4314fc015a63a7c6e910c89df. Impacted is the function douploadothersimages of the file application/modules/vendor/controllers/AddProduct.php of the component Vendor Image Manager. Executing a...

5.5CVSS0.00323EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/07/04 4:45 p.m.30 views

CVE-2026-14636 kirilkirkov Ecommerce-CodeIgniter-Bootstrap Vendor Image Manager AddProduct.php do_upload_others_images path traversal

A weakness has been identified in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 23105f25dadf57b4314fc015a63a7c6e910c89df. Impacted is the function douploadothersimages of the file application/modules/vendor/controllers/AddProduct.php of the component Vendor Image Manager. Executing a...

5.5CVSS0.00323EPSS
Exploits0References7
EUVD
EUVD
added 2026/07/04 4:45 p.m.9 views

EUVD-2026-41682

A weakness has been identified in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 23105f25dadf57b4314fc015a63a7c6e910c89df. Impacted is the function douploadothersimages of the file application/modules/vendor/controllers/AddProduct.php of the component Vendor Image Manager. Executing a...

5.5CVSS5.8AI score0.00323EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 4:45 p.m.19 views

CVE-2026-14636

Summary (CVE-2026-14636): A weakness in kirilkirkov’s Ecommerce-CodeIgniter-Bootstrap (Vendor Image Manager) affects the AddProduct.php function do_upload_others_images. The vulnerability arises from manipulating the folder argument, enabling path traversal. It is reportable via remote access. Pu...

5.5CVSS5.8AI score0.00323EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.12 views

PT-2026-55712

Name of the Vulnerable Software and Affected Versions kirilkirkov Ecommerce-CodeIgniter-Bootstrap versions prior to de1c9e73ccf3bd032d9a0525c4752290d959dd8b Description A path traversal issue exists in the Vendor Image Manager component. A remote attacker can exploit this by manipulating the fold...

5.5CVSS6.2AI score0.00323EPSS
Exploits0References12
Chainguard
Chainguard
added 2026/05/09 1:17 a.m.33 views

CVE-2026-33814 vulnerabilities

Vulnerabilities for packages: crossplane-function-go-templating, virt-operator-fips, crossplane-provider-aws-secretsmanager, dcgm-exporter, octo-sts, crossplane-provider-aws-route53-fips, supercronic-fips, spire-controller-manager-fips, thanos-fips, nginx-prometheus-exporter-fips,...

7.5CVSS6.7AI score0.00781EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 2:56 p.m.6 views

CVE-2019-25630

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/24 12:30 p.m.6 views

EUVD-2019-20033

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/24 12:30 p.m.5 views

EUVD-2019-20000

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References5
NVD
NVD
added 2026/03/24 12:16 p.m.4 views

CVE-2019-25647

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS0.00798EPSS
Exploits1References4
NVD
NVD
added 2026/03/24 12:16 p.m.6 views

CVE-2019-25630

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS0.00896EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.3 views

CVE-2019-25647 PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/24 11:27 a.m.7 views

CVE-2019-25647

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/03/24 11:27 a.m.9 views

CVE-2019-25647

CVE-2019-25647 affects PhreeBooks ERP 5.2.3. A remote code execution vulnerability exists in the image manager that lets an authenticated attacker upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can place malicious PHP files via the image manager endpoint an...

8.8CVSS6.7AI score0.00798EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/24 11:27 a.m.23 views

CVE-2019-25647 PhreeBooks ERP 5.2.3 Remote Code Execution via Image Manager

PhreeBooks ERP 5.2.3 contains a remote code execution vulnerability in the image manager that allows authenticated attackers to upload and execute arbitrary PHP files by bypassing file extension controls. Attackers can upload malicious PHP files through the image manager endpoint and execute them...

8.8CVSS0.00798EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/24 11:27 a.m.20 views

CVE-2019-25630 PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS0.00896EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/03/24 11:27 a.m.3 views

CVE-2019-25630

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.3 views

CVE-2019-25630 PhreeBooks ERP 5.2.3 Arbitrary File Upload via Image Manager

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager component that allows authenticated attackers to upload malicious files by submitting requests to the image upload endpoint. Attackers can upload PHP files through the imgFile parameter to the...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References4
CVE
CVE
added 2026/03/24 11:27 a.m.11 views

CVE-2019-25630

PhreeBooks ERP 5.2.3 contains an arbitrary file upload vulnerability in the Image Manager. Authenticated attackers can upload PHP files via the imgFile parameter to bizuno/image/manager and trigger remote code execution through bizunoFS.php. This is a network-accessible issue with high impact on ...

8.8CVSS6.3AI score0.00896EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/03/24 12:0 a.m.7 views

PhreeSoft PhreeBooks ERP 跨站脚本漏洞

PhreeSoft PhreeBooks ERP is a business resource planning software provided by PhreeSoft Corporation, which offers enterprise financial management and business process handling functions. Version 5.2.3 of PhreeSoft PhreeBooks ERP contains a cross-site scripting vulnerability. This vulnerability...

8.8CVSS5.8AI score0.00896EPSS
Exploits1References4
Rows per page
Query Builder