Lucene search
K

91 matches found

redhatcve
redhatcve
added 2025/10/28 5:53 p.m.4 views

CVE-2025-12301

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed...

9.8CVSS6.7AI score0.00479EPSS
Exploits1References1
osv
osv
added 2025/10/28 6:15 a.m.5 views

CVE-2025-12378

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

9.8CVSS5.6AI score0.00479EPSS
Exploits1References5
euvd
euvd
added 2025/10/28 5:32 a.m.4 views

EUVD-2025-36433

A security flaw has been discovered in code-projects Simple Food Ordering System 1.0. This issue affects some unknown processing of the file /addproduct.php. Performing manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

7.5CVSS6.4AI score0.00479EPSS
Exploits1References6
cve
cve
added 2025/10/28 5:32 a.m.16 views

CVE-2025-12378

The CVE-2025-12378 entry corresponds to a vulnerability in code-projects Simple Food Ordering System 1.0, specifically in the upload handling of the parameter photo via /addproduct.php. The issue arises from lack of validation of uploaded files, allowing unrestricted upload when manipulating the ...

9.8CVSS7.2AI score0.00479EPSS
Exploits1References5Affected Software1
cnnvd
cnnvd
added 2025/10/28 12:0 a.m.3 views

Code-Projects Simple Food Ordering System 代码问题漏洞

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System has a file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter photo in the file /addproduct.php. No details of the vulnerability are available at this time...

9.8CVSS7AI score0.00479EPSS
Exploits1References6
osv
osv
added 2025/10/27 6:15 p.m.4 views

CVE-2025-12301

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed...

9.8CVSS5.6AI score0.00479EPSS
Exploits1References5
euvd
euvd
added 2025/10/27 5:32 p.m.5 views

EUVD-2025-36221

A security vulnerability has been detected in code-projects Simple Food Ordering System 1.0. Impacted is an unknown function of the file /editproduct.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed...

7.5CVSS6.3AI score0.00479EPSS
Exploits1References6
cnvd
cnvd
added 2025/10/13 12:0 a.m.2 views

Voting System voters_add.php File Upload Vulnerability

Voting System is an election system. Voting System has a file upload vulnerability that stems from the lack of valid validation of uploaded files by the parameter photo in file /admin/votersadd.php. An attacker can exploit this vulnerability to upload malicious files...

9.8CVSS7AI score0.0041EPSS
Exploits1References1
redhatcve
redhatcve
added 2025/10/09 12:14 a.m.10 views

CVE-2025-11417

A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/votersadd.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has be...

8.8CVSS6.4AI score0.00299EPSS
Exploits1References1
nvd
nvd
added 2025/10/08 11:15 p.m.6 views

CVE-2025-11508

A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/votersadd.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed publicly and...

9.8CVSS0.0041EPSS
Exploits1References5
euvd
euvd
added 2025/10/08 10:32 p.m.6 views

EUVD-2025-33275

A security vulnerability has been detected in code-projects Voting System 1.0. This affects an unknown function of the file /admin/votersadd.php. Such manipulation of the argument photo leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed publicly and...

5.8CVSS6.3AI score0.0041EPSS
Exploits1References7
ptsecurity
ptsecurity
added 2025/10/08 12:0 a.m.6 views

PT-2025-41316

Name of the Vulnerable Software and Affected Versions code-projects Voting System version 1.0 Description A security issue exists in code-projects Voting System 1.0. Manipulation of the photo argument in the file '/admin/voters add.php' allows for unrestricted file upload. This can be exploited...

9.8CVSS4.5AI score0.0041EPSS
Exploits1References9
cnnvd
cnnvd
added 2025/10/08 12:0 a.m.7 views

Campcodes Advanced Online Voting Management System 代码问题漏洞

CampCodes Advanced Online Voting Management System is an advanced online voting management system from CampCodes Philippines, Inc. A code issue vulnerability exists in Campcodes Advanced Online Voting Management System version 1.0, which stems from the incorrect manipulation of the parameter phot...

8.8CVSS6.7AI score0.00299EPSS
Exploits1References6
cvelist
cvelist
added 2025/10/07 11:32 p.m.14 views

CVE-2025-11417 Campcodes Advanced Online Voting Management System voters_add.php unrestricted upload

A weakness has been identified in Campcodes Advanced Online Voting Management System 1.0. This vulnerability affects unknown code of the file /admin/votersadd.php. Executing manipulation of the argument photo can lead to unrestricted upload. The attack can be launched remotely. The exploit has be...

6.5CVSS0.00299EPSS
Exploits1References5
vulnrichment
vulnrichment
added 2025/09/27 8:32 p.m.4 views

CVE-2025-11078 itsourcecode Open Source Job Portal controller.php unrestricted upload

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible to be carried out...

6.5CVSS6.5AI score0.00302EPSS
Exploits1References5
cvelist
cvelist
added 2025/09/27 8:32 p.m.12 views

CVE-2025-11078 itsourcecode Open Source Job Portal controller.php unrestricted upload

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/user/controller.php?action=photos. The manipulation of the argument photo leads to unrestricted upload. The attack is possible to be carried out...

6.5CVSS0.00302EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/09/27 12:0 a.m.6 views

PT-2025-39745

Name of the Vulnerable Software and Affected Versions itsourcecode Open Source Job Portal version 1.0 Description A flaw exists in itsourcecode Open Source Job Portal 1.0 that allows for unrestricted file uploads. This is due to the manipulation of the photo argument within the file...

6.5CVSS6.2AI score0.00302EPSS
Exploits1References10
nvd
nvd
added 2025/09/02 9:15 a.m.7 views

CVE-2025-41031

Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to change other users' profile pictures via a POST request using the parameters ‘IdPersona’ and “Foto” in ‘/ajax/TInnovac/FotoUsuario/llamadaAjax/uploadImage’...

6.9CVSS0.00307EPSS
Exploits0References1
cve
cve
added 2025/08/19 6:32 p.m.20 views

CVE-2025-9153

CVE-2025-9153 affects the itsourcecode Online Tour and Travel Management System v1.0. The vulnerability is in the file /admin/operations/travellers.php where the photo parameter can be manipulated to achieve an unrestricted file upload. This is described as a remote, publicly exploitable issue. M...

8.8CVSS7.4AI score0.00402EPSS
Exploits1References5Affected Software1
cnnvd
cnnvd
added 2025/08/19 12:0 a.m.4 views

itsourcecode Online Tour and Travel Management System 安全漏洞

itsourcecode Online Tour and Travel Management System is a itsourcecode open source online tour and travel management system. A security vulnerability exists in version 1.0 of itsourcecode Online Tour and Travel Management System, which is caused by a misuse of the parameter photo in the file...

8.8CVSS6.8AI score0.00402EPSS
Exploits1References7
Rows per page
Query Builder