Lucene search
K

10 matches found

OSV
OSV
added 2026/05/07 7:49 p.m.5 views

GHSA-VF3Q-FRMR-VRR9 FacturaScripts Vulnerable to Authenticated Remote Code Execution (RCE) via GIF Image Upload in Product Images

CVE-2026-42879 - FacturaScripts - Authenticated Unrestricted File Upload via MIME Type Bypass Summary An authenticated unrestricted file upload vulnerability exists in FacturaScripts' product image upload functionality. An attacker with valid credentials can upload a PHP file disguised as a GIF...

6.3CVSS5.8AI score0.00229EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/07 12:0 a.m.15 views

PT-2026-38617

Name of the Vulnerable Software and Affected Versions FacturaScripts versions prior to 2025.81 Description An authenticated unrestricted file upload issue exists in the product image upload functionality. An attacker with valid credentials can bypass MIME type validation by prepending GIF89a magi...

6.3CVSS6.1AI score0.00229EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/08/23 4:16 p.m.5 views

CVE-2025-55743

UnoPim is an open-source Product Information Management PIM system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy...

8.8CVSS6.2AI score0.00446EPSS
Exploits1References1
0day.today
0day.today
added 2021/11/15 12:0 a.m.322 views

PHP Laravel 8.70.1 - Cross Site Scripting to Cross Site Request Forgery Vulnerability

Exploit Title: PHP Laravel 8.70.1 - Cross Site Scripting XSS to Cross Site Request Forgery CSRF Exploit Author: Hosein Vita Vendor Homepage: https://laravel.com/ Software Link: https://laravel.com/docs/4.2 Version: Laravel Framework 8.70.1 Tested on: Windows/Linux Description: We can bypass larav...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2021/11/15 12:0 a.m.297 views

PHP Laravel 8.70.1 Cross Site Request Forgery / Cross Site Scripting

Exploit Title: PHP Laravel 8.70.1 - Cross Site Scripting XSS to Cross Site Request Forgery CSRF Date: 14/11/2021 Exploit Author: Hosein Vita Vendor Homepage: https://laravel.com/ Software Link: https://laravel.com/docs/4.2 Version: Laravel Framework 8.70.1 Tested on: Windows/Linux Description: We...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2021/10/29 6:15 p.m.4 views

CVE-2021-41646

Remote Code Execution RCE vulnerability exists in Sourcecodester Online Reviewer System 1.0 by uploading a maliciously crafted PHP file that bypasses the image upload filters...

9.8CVSS7.4AI score0.06985EPSS
Exploits1References3
OSV
OSV
added 2021/10/29 5:15 p.m.2 views

CVE-2021-41644

Remote Code Exection RCE vulnerability exists in Sourcecodester Online Food Ordering System 2.0 via a maliciously crafted PHP file that bypasses the image upload filters...

9.8CVSS7.4AI score
Exploits0References1
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.5 views

Online Reviewer System 代码问题漏洞

Online Reviewer System is an application. Online Reviewer System version 1.0 contains a remote code execution vulnerability that could be exploited by attackers to bypass image upload filters and upload maliciously crafted PHP files...

9.8CVSS6.6AI score0.06985EPSS
Exploits1References3
CNNVD
CNNVD
added 2021/10/29 12:0 a.m.4 views

Online Reviewer System 代码问题漏洞

Online Reviewer System is a software application. An online reviewer system. A security vulnerability exists in Sourcecodester Online Reviewer System version 2.0, which allows an attacker to bypass the image upload filter and upload a maliciously crafted PHP file...

9.8CVSS8.4AI score0.02372EPSS
Exploits1References2
0day.today
0day.today
added 2013/03/22 12:0 a.m.19 views

Silentblast Interactive Multiple Vulnerabilities

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Rows per page
Query Builder