1076 matches found
CVE-2026-39337
ChurchCRM is an open-source church management system. Prior to 7.1.0, critical pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard allows unauthenticated attackers to inject arbitrary PHP code during the initial installation process, leading to complete server...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data in the jato.clientSession HTTP parameter of the deserializeAttributes function. An attacker can execute arbitrary code on the server by sending a crafted serialized Java object to endpoints that process...
Remote Code Execution
D-Tale is vulnerable to Remote Code Execution. The vulnerability is due to the use of redis or shelf storage layer, where users hosting D-Tale publicly could allow attackers to run malicious code on the server...
CVE-2025-59710
An issue was discovered in Biztalk360 before 11.5. Because of incorrect access control, any user is able to request the loading a DLL file. During the loading, a method is called. An attacker can craft a malicious DLL, upload it to the server, and use it to achieve remote code execution on the...
CVE-2026-2701
Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution...
EUVD-2026-17743
XenForo before 2.3.9 and before 2.2.18 allows remote code execution RCE by authenticated, but malicious, admin users. An attacker with admin panel access can execute arbitrary code on the server...
cpython: IMAP command injection in user-controlled commands
A flaw was found in the imaplib module in the Python standard library. The imaplib module does not reject control characters, such as newlines, in user-controlled input passed to IMAP commands. This issue allows an attacker to inject additional commands to be executed in the IMAP server...
CVE-2026-33940
Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, a crafted object placed in the template context can bypass all conditional guards in resolvePartial and cause invokePartial to return undefined. The Handlebars runtime then treats the...
PT-2026-28292
Name of the Vulnerable Software and Affected Versions HCL Aftermarket DPC affected versions not specified Description The software is subject to an unrestricted file upload issue. This allows an attacker to upload and execute malicious scripts, potentially gaining complete control over the server...
CVE-2026-32482
Unrestricted Upload of File with Dangerous Type vulnerability in deothemes Ona ona allows Upload a Web Shell to a Web Server.This issue affects Ona: from n/a through 1.24...
WordPress plugin Ona 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-32985 Xerte Online Toolkits <= 3.14 Unauthenticated Template Import Arbitrary File Upload Leading to Remote Code Execution
Xerte Online Toolkits versions 3.14 and earlier contain an unauthenticated arbitrary file upload vulnerability in the template import functionality that allows remote attackers to execute arbitrary code by uploading a crafted ZIP archive containing malicious PHP payloads. Attackers can bypass...
CVE-2026-32756
Admidio is an open-source user management solution. Versions 5.0.6 and below contain a critical unrestricted file upload vulnerability in the Documents & Files module. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an...
EUVD-2026-12598
The GL-iNet Comet GL-RM1 KVM does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding MD5 hash to pass verification...
CVE-2026-32290 GL-iNet Comet (GL-RM1) KVM insufficient firmware verification
The GL-iNet Comet GL-RM1 KVM before version 1.8.2 does not sufficiently verify the authenticity of uploaded firmware files. An attacker-in-the-middle or a compromised update server could modify the firmware and the corresponding MD5 hash to pass verification...
GL-iNet Comet 安全漏洞
GL-iNet Comet is a portable, multi-functional network device developed by GL-iNet Corporation in China. There is a security vulnerability present in GL-iNet Comet, which stems from insufficient verification of the authenticity of uploaded firmware files. This vulnerability may allow intermediate...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the ajaxdeletefile function. An attacker can delete arbitrary files on the server by sending crafted requests as an authenticated user with Contributor-level access or higher. This can result in the deletion of...
CVE-2026-29058
AVideo is a video-sharing Platform software. Prior to version 7.0, an unauthenticated attacker can execute arbitrary OS commands on the server by injecting shell command substitution into the base64Url GET parameter. This can lead to full server compromise, data exfiltration e.g., configuration...
CVE-2025-70995
An issue in Aranda Service Desk Web Edition ASDK API 8.6 allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile,...
CVE-2026-29058 AVideo: Unauthenticated OS Command Injection via base64Url in objects/getImage.php
AVideo is a video-sharing Platform software. Prior to version 7.0, an unauthenticated attacker can execute arbitrary OS commands on the server by injecting shell command substitution into the base64Url GET parameter. This can lead to full server compromise, data exfiltration e.g., configuration...