Lucene search
K

291 matches found

CNNVD
CNNVD
added 2026/01/01 12:0 a.m.5 views

wangmarket 代码问题漏洞

wangmarket is a privatized deployment of your own SAAS cloud builder system for xnx3 individual developers in China. A code issue vulnerability exists in wangmarket 6.4 and earlier versions, which stems from the incorrect operation of the parameter image in the file /sits/uploadImage.do, which...

5.8CVSS5.2AI score0.00206EPSS
Exploits1References4
CNVD
CNVD
added 2025/12/31 12:0 a.m.6 views

College Notes Uploading System Code Issue Vulnerability

College Notes Uploading System is a college notes uploading system. College Notes Uploading System has a code issue vulnerability that stems from an unknown function in the /dashboard/userprofile.php file that mishandles the image parameter. An attacker can exploit this vulnerability to upload...

8.8CVSS6.7AI score0.00238EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/30 5:9 p.m.5 views

CVE-2025-15197

A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated...

7.2CVSS7AI score0.00292EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.4 views

BiggiDroid Simple PHP CMS 代码问题漏洞

BiggiDroid Simple PHP CMS is a content management system from BiggiDroid open source. A code issue vulnerability exists in BiggiDroid Simple PHP CMS version 1.0, which stems from the incorrect manipulation of the parameter image in the file /admin/edit.php, which can lead to unrestricted uploads...

7.2CVSS5.1AI score0.00292EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/12/29 5:2 p.m.3 views

CVE-2025-15197 code-projects/anirbandutta9 Content Management System/News-Buzz editposts.php unrestricted upload

A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated...

5.8CVSS6.7AI score0.00292EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/29 5:2 p.m.29 views

CVE-2025-15197 code-projects/anirbandutta9 Content Management System/News-Buzz editposts.php unrestricted upload

A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated...

5.8CVSS0.00292EPSS
Exploits1References4
CVE
CVE
added 2025/12/29 5:2 p.m.14 views

CVE-2025-15197

The CVE-2025-15197 entry concerns code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The flaw is in the admin/editposts.php file, where manipulating the image parameter allows an unrestricted upload. This enables remote exploitation as indicated by the public exploit. Affect...

7.2CVSS5.2AI score0.00292EPSS
Exploits1References4Affected Software2
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.3 views

Code-Projects College Notes Uploading System 代码问题漏洞

College Notes Uploading System is a college notes uploading system. College Notes Uploading System has a code issue vulnerability that stems from an unknown function in the /dashboard/userprofile.php file that mishandles the image parameter. An attacker can exploit this vulnerability to upload...

8.8CVSS6.7AI score0.00238EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.6 views

PT-2025-53763

Name of the Vulnerable Software and Affected Versions code-projects/anirbandutta9 Content Management System and News-Buzz version 1.0 Description A security flaw exists in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The issue involves unrestricted upload due to...

7.2CVSS6.3AI score0.00292EPSS
Exploits1References9
CNNVD
CNNVD
added 2025/12/29 12:0 a.m.4 views

Code-Projects Content Management System 代码问题漏洞

Code-Projects Content Management System is a Code-Projects open source content and management system. A code issue vulnerability exists in Code-Projects Content Management System version 1.0, which stems from an incorrect manipulation of the parameter image in the file /admin/editposts.php, which...

7.2CVSS5.1AI score0.00292EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/12/29 12:0 a.m.4 views

PT-2025-53773

Name of the Vulnerable Software and Affected Versions code-projects College Notes Uploading System version 1.0 Description A security issue exists in code-projects College Notes Uploading System 1.0. The manipulation of the image argument in an unknown function within the /dashboard/userprofile.p...

8.8CVSS6.1AI score0.00238EPSS
Exploits0References11
CNVD
CNVD
added 2025/12/25 12:0 a.m.4 views

Computer Laboratory System File Upload Vulnerability

Computer Laboratory System is a computer laboratory system. Computer Laboratory System has a file upload vulnerability that originates from a misbehavior of the parameter image in the file technicalstaffpic.php, which can be exploited by an attacker to cause an arbitrary file upload...

7.2CVSS5.2AI score0.00337EPSS
Exploits1References1
CNVD
CNVD
added 2025/12/18 12:0 a.m.4 views

Computer Laboratory System admin_pic.php File Upload Vulnerability

Computer Laboratory System is a computer laboratory system. Computer Laboratory System has a file upload vulnerability that originates from the mishandling of the image parameter by an unknown handler function in the /admin/adminpic.php file. An attacker can exploit this vulnerability to upload...

7.2CVSS5.2AI score0.00337EPSS
Exploits1References1
CVE
CVE
added 2025/12/14 2:2 a.m.13 views

CVE-2025-14641

The connected CNVD, RH Red Hat entry, CNNVD, EUVD, NVD, CVE/CVEList, and CVE Records describe a vulnerability in code-projects Computer Laboratory System 1.0 affecting /admin/admin_pic.php where mishandling of the image parameter enables unrestricted file upload. This is a remote-exploitable flaw...

7.2CVSS6.5AI score0.00337EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/14 12:0 a.m.6 views

PT-2025-51140

A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/admin pic.php. This manipulation of the argument image causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be us...

5.8CVSS6.8AI score0.00337EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/12/14 12:0 a.m.17 views

Code-Projects Computer Laboratory System 代码问题漏洞

Computer Laboratory System is a computer laboratory system. Computer Laboratory System has a file upload vulnerability that originates from the mishandling of the image parameter by an unknown handler function in the /admin/adminpic.php file. An attacker can exploit this vulnerability to upload...

7.2CVSS5.1AI score0.00337EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.5 views

CVE-2025-13966

The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttomimage' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.1AI score0.00188EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:31 a.m.6 views

EUVD-2025-202977

The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttomimage' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.7AI score0.00188EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.2 views

CVE-2025-13966 Paypal Payment Shortcode <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'buttom_image' Shortcode Attribute

The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttomimage' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.8AI score0.00188EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/12/12 12:0 a.m.5 views

PT-2025-50836

The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttom image' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.1AI score0.00188EPSS
Exploits0References6
Rows per page
Query Builder