Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:18 p.m.12 views

CVE-2025-5007

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS6.5AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2025/05/20 11:15 p.m.34 views

CVE-2025-5007

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS0.00269EPSS
Exploits0References6
OSV
OSV
added 2025/05/20 11:0 p.m.12 views

CVE-2025-5007 Part-DB Profile Picture Feature AttachmentSubmitHandler.php handleUpload cross site scripting

A vulnerability was found in Part-DB up to 1.17.0. It has been declared as problematic. Affected by this vulnerability is the function handleUpload of the file src/Services/Attachments/AttachmentSubmitHandler.php of the component Profile Picture Feature. The manipulation of the argument attachmen...

5.1CVSS3.7AI score0.00269EPSS
Exploits0References8
CVE
CVE
added 2025/05/20 11:0 p.m.53 views

CVE-2025-5007

Part-DB up to 1.17.0 exposes a cross-site scripting (XSS) vulnerability in the Profile Picture Feature. The issue lies in handleUpload (src/Services/Attachments/AttachmentSubmitHandler.php) where the attachment argument can be manipulated to inject scripts. It can be exploited remotely and an exp...

5.1CVSS3.9AI score0.00269EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2025/01/23 12:0 a.m.15 views

PT-2025-3436 · Wallos · Wallos

Name of the Vulnerable Software and Affected Versions: Wallos version 2.41.0 Description: The issue allows a remote attacker to execute arbitrary code via the profile picture function. This is a result of a Cross Site Scripting vulnerability. Recommendations: For Wallos version 2.41.0, consider...

6.4CVSS8AI score0.00444EPSS
Exploits1References7
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.4 views

Student Enrollment In PHP Security Vulnerability

Student Enrollment In PHP is a code-projects open source student enrollment system. A security vulnerability exists in Student Enrollment In PHP version 1.0 due to an arbitrary file upload vulnerability in the Add Students Profile Picture feature...

9.8CVSS7AI score0.00788EPSS
Exploits0References2
Rows per page
Query Builder