126 matches found
CVE-2026-23698
Vtiger CRM through 8.4.0 contains an authenticated remote code execution vulnerability in the admin module import feature that allows administrator-level attackers to upload arbitrary PHP files by submitting a crafted zip archive through the ModuleManager import function, which extracts contents...
CVE-2024-6228 WANotifier < 2.6 - Subscriber+ LFI
The Notifications for Forms & WordPress Actions WordPress plugin before 2.6 does not validate a user-supplied value before using it to build a server-side file inclusion path, allowing authenticated users with subscriber-level access and above to include and execute arbitrary local PHP files on t...
EUVD-2026-33277
Mautic vulnerable to Path Traversal via Campaign Import...
PT-2026-50994
Name of the Vulnerable Software and Affected Versions Joomla! Component vBizz version 1.0.7 Description An unrestricted file upload issue allows authenticated attackers to upload arbitrary PHP files. This is achieved by submitting malicious files through the profile pic parameter via POST request...
CVE-2016-20075
CVE-2016-20075 affects WordPress Ultimate Product Catalog 3.8.6. The vulnerability is an arbitrary file upload via the custom fields feature, exploitable by authenticated users with contributor, editor, author, or administrator roles. By uploading malicious files (e.g., PHP shells) through the Pr...
CVE-2016-20075 WordPress Ultimate Product Catalog 3.8.6 Arbitrary File Upload RCE
WordPress Ultimate Product Catalog 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality. Attackers can upload PHP shells through the...
GHSA-8GHR-W65F-J3QR FUXA's scheduler API missing admin check enables operator-to-admin escalation via scheduled device actions
Summary An authorization issue in the Scheduler API allowed authenticated non-admin users to create or modify scheduled actions that should be restricted to administrators. Details The Scheduler API did not correctly enforce administrator permissions when processing scheduler modifications. As a...
CVE-2023-54350
WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to creat...
PT-2026-47232
Name of the Vulnerable Software and Affected Versions WordPress Augmented-Reality plugin affected versions not specified Description A remote code execution issue exists in the elFinder connector. Unauthenticated attackers can upload and execute arbitrary PHP files by sending POST requests to the...
PT-2026-47559
Summary An authorization issue in the Scheduler API allowed authenticated non-admin users to create or modify scheduled actions that should be restricted to administrators. Details The Scheduler API did not correctly enforce administrator permissions when processing scheduler modifications. As a...
CVE-2026-34184
Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed in...
CVE-2018-25388
HaPe PKH 1.1 has an arbitrary file upload vulnerability that bypasses file type validation, allowing authenticated attackers to upload PHP files and execute arbitrary code on the server. Affected endpoints include aksi_foto.php, aksi_user.php, and aksi_kecamatan.php. CVSS metrics indicate high im...
CVE-2026-9559
A path traversal vulnerability exists in the campaign import feature of Mautic 7. When extracting uploaded ZIP files during campaign imports, a flaw in the validation logic allows file paths to escape the intended temporary directories. An authenticated user with campaign import privileges...
FUXA's Unauthenticated Project Data Disclosure Exposes Server-Side Scripts and Device Configurations
Summary The GET /api/project endpoint exposes sensitive project configuration data to guest-context requests even when secureEnabled is enabled. Details File: server/api/projects/index.js javascript prjApp.get"/api/project", secureFnc, functionreq, res const permission = checkGroupsFncreq;...
GHSA-Q3W6-Q3HC-C5X6 FUXA's Unauthenticated Project Data Disclosure Exposes Server-Side Scripts and Device Configurations
Summary The GET /api/project endpoint exposes sensitive project configuration data to guest-context requests even when secureEnabled is enabled. Details File: server/api/projects/index.js javascript prjApp.get"/api/project", secureFnc, functionreq, res const permission = checkGroupsFncreq;...
PT-2026-44163
Name of the Vulnerable Software and Affected Versions FUXA version 1.3.0 Description The '/api/project' endpoint exposes sensitive SCADA/HMI project configuration data to unauthenticated requests. This occurs because the secureFnc middleware utilizes a function that automatically generates a vali...
EUVD-2020-31228
HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can intercept upload requests to the logoupload parameter in the admin interface and rename files to...
CubeCart 代码问题漏洞
CubeCart is an open-source e-commerce software developed by CubeCart. Versions of CubeCart prior to 6.7.0 had code vulnerabilities. These vulnerabilities stemmed from the REST API file manager endpoint, which allowed users with API keys to upload PHP source files to web-accessible directories...
CVE-2021-47943
TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell via the Files section in the content area and execute...
Textpattern CMS 代码问题漏洞
TextPattern CMS is a content management system based on PHP developed by the TextPattern team. Version 4.8.7 of TextPattern CMS has a code vulnerability that stems from a remote code execution flaw in the file upload function. This vulnerability could allow authenticated attackers to execute...