291 matches found
wangmarket 代码问题漏洞
wangmarket is a privatized deployment of your own SAAS cloud builder system for xnx3 individual developers in China. A code issue vulnerability exists in wangmarket 6.4 and earlier versions, which stems from the incorrect operation of the parameter image in the file /sits/uploadImage.do, which...
College Notes Uploading System Code Issue Vulnerability
College Notes Uploading System is a college notes uploading system. College Notes Uploading System has a code issue vulnerability that stems from an unknown function in the /dashboard/userprofile.php file that mishandles the image parameter. An attacker can exploit this vulnerability to upload...
CVE-2025-15197
A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated...
BiggiDroid Simple PHP CMS 代码问题漏洞
BiggiDroid Simple PHP CMS is a content management system from BiggiDroid open source. A code issue vulnerability exists in BiggiDroid Simple PHP CMS version 1.0, which stems from the incorrect manipulation of the parameter image in the file /admin/edit.php, which can lead to unrestricted uploads...
CVE-2025-15197 code-projects/anirbandutta9 Content Management System/News-Buzz editposts.php unrestricted upload
A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated...
CVE-2025-15197 code-projects/anirbandutta9 Content Management System/News-Buzz editposts.php unrestricted upload
A security flaw has been discovered in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. This vulnerability affects unknown code of the file /admin/editposts.php. Performing manipulation of the argument image results in unrestricted upload. The attack may be initiated...
CVE-2025-15197
The CVE-2025-15197 entry concerns code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The flaw is in the admin/editposts.php file, where manipulating the image parameter allows an unrestricted upload. This enables remote exploitation as indicated by the public exploit. Affect...
Code-Projects College Notes Uploading System 代码问题漏洞
College Notes Uploading System is a college notes uploading system. College Notes Uploading System has a code issue vulnerability that stems from an unknown function in the /dashboard/userprofile.php file that mishandles the image parameter. An attacker can exploit this vulnerability to upload...
PT-2025-53763
Name of the Vulnerable Software and Affected Versions code-projects/anirbandutta9 Content Management System and News-Buzz version 1.0 Description A security flaw exists in code-projects/anirbandutta9 Content Management System and News-Buzz 1.0. The issue involves unrestricted upload due to...
Code-Projects Content Management System 代码问题漏洞
Code-Projects Content Management System is a Code-Projects open source content and management system. A code issue vulnerability exists in Code-Projects Content Management System version 1.0, which stems from an incorrect manipulation of the parameter image in the file /admin/editposts.php, which...
PT-2025-53773
Name of the Vulnerable Software and Affected Versions code-projects College Notes Uploading System version 1.0 Description A security issue exists in code-projects College Notes Uploading System 1.0. The manipulation of the image argument in an unknown function within the /dashboard/userprofile.p...
Computer Laboratory System File Upload Vulnerability
Computer Laboratory System is a computer laboratory system. Computer Laboratory System has a file upload vulnerability that originates from a misbehavior of the parameter image in the file technicalstaffpic.php, which can be exploited by an attacker to cause an arbitrary file upload...
Computer Laboratory System admin_pic.php File Upload Vulnerability
Computer Laboratory System is a computer laboratory system. Computer Laboratory System has a file upload vulnerability that originates from the mishandling of the image parameter by an unknown handler function in the /admin/adminpic.php file. An attacker can exploit this vulnerability to upload...
CVE-2025-14641
The connected CNVD, RH Red Hat entry, CNNVD, EUVD, NVD, CVE/CVEList, and CVE Records describe a vulnerability in code-projects Computer Laboratory System 1.0 affecting /admin/admin_pic.php where mishandling of the image parameter enables unrestricted file upload. This is a remote-exploitable flaw...
PT-2025-51140
A flaw has been found in code-projects Computer Laboratory System 1.0. This issue affects some unknown processing of the file admin/admin pic.php. This manipulation of the argument image causes unrestricted upload. The attack may be initiated remotely. The exploit has been published and may be us...
Code-Projects Computer Laboratory System 代码问题漏洞
Computer Laboratory System is a computer laboratory system. Computer Laboratory System has a file upload vulnerability that originates from the mishandling of the image parameter by an unknown handler function in the /admin/adminpic.php file. An attacker can exploit this vulnerability to upload...
CVE-2025-13966
The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttomimage' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...
EUVD-2025-202977
The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttomimage' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2025-13966 Paypal Payment Shortcode <= 1.01 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'buttom_image' Shortcode Attribute
The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttomimage' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2025-50836
The Paypal Payment Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttom image' parameter of the paypal-shortcode shortcode in all versions up to, and including, 1.01 due to insufficient input sanitization and output escaping. This makes it possible for...