CVE-2019-25673 UniSharp Laravel File Manager v2.0.0-alpha7 Arbitrary File Upload

UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the upload endpoint. Attackers can upload PHP files with the type parameter set to Files and execute...

HytaleModding Wiki 代码问题漏洞

HytaleModding Wiki is an open-source documentation platform for Hytale Modding. Versions of HytaleModding Wiki prior to 1.2.0 had code vulnerabilities. These vulnerabilities stemmed from the quickUpload endpoint’s validation of MIME types, but it used file extensions provided by the client, which...

PT-2026-2814

Name of the Vulnerable Software and Affected Versions The News and Blog Designer Bundle plugin for WordPress versions prior to 1.2 Description The plugin is susceptible to a Local File Inclusion issue via the template parameter. This allows unauthenticated attackers to include and execute arbitra...

CVE-2022-50912

ImpressCMS 1.4.4 is affected by a file upload vulnerability caused by weak extension sanitization. The issue allows bypassing upload restrictions using alternative extensions such as .php2, .php6, .php7, .phps, and .pht to upload and potentially execute arbitrary PHP code on the server. The CVE e...

TYPO3 CMS 安全漏洞

TYPO3 CMS is a content management system from TYPO3 open source. A security vulnerability exists in TYPO3 CMS , the vulnerability stems from a mail file staging deserialization flaw , which could lead to arbitrary PHP code execution . The following versions are affected: version 10.0.0 to 10.4.54...

PT-2026-4322

Name of the Vulnerable Software and Affected Versions Moodle affected versions not specified Description A flaw exists in Moodle that allows an attacker with access to the restore interface to trigger server-side execution of arbitrary code. This is caused by inadequate validation of restore inpu...

PT-2025-51253

An SSTI Server-Side Template Injection vulnerability exists in the get contract template method of Frappe ERPNext through 15.89.0. The function renders attacker-controlled Jinja2 templates contract terms using frappe.render template with a user-supplied context doc. Although Frappe uses a custom...

CVE-2025-13088

The Category and Product Woocommerce Tabs plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0. This is due to insufficient input validation on the 'template' parameter in the categoryProductTab function. This makes it possible for authenticated...

CVE-2025-10686 Creta Testimonial Showcase < 1.2.4 - Editor+ Local File Inclusion

The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files...

CVE-2025-62429

ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 147, ClipBucket v5 is vulnerable to arbitrary PHP code execution. In /upload/adminarea/actions/updatelaunch.php, the "type" parameter from a POST request is embedded into PHP tags and executed. Proper sanitization is n...

EUVD-2025-26999

Malicious code in bioql PyPI...

CVE-2025-10050

The Developer Loggers for Simple History plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.5 via the enabledloggers parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute...

PT-2025-33591 · WordPress · Soledad

Name of the Vulnerable Software and Affected Versions: Soledad theme for WordPress versions through 8.6.7 Description: The Soledad theme for WordPress is susceptible to a Local File Inclusion issue via the header layout parameter. This allows authenticated attackers with Contributor-level access ...

CVE-2025-53909 mailcow: dockerized vulnerable to SSTI in Quota and Quarantine Notification Template

mailcow: dockerized is an open source groupware/email suite based on docker. A Server-Side Template Injection SSTI vulnerability exists in versions prior to 2025-07 in the notification template system used by mailcow for sending quota and quarantine alerts. The template rendering engine allows...

CVE-2023-37908

XWiki Rendering is a generic Rendering system that converts textual input in a given syntax into another syntax. The cleaning of attributes during XHTML rendering, introduced in version 14.6-rc-1, allowed the injection of arbitrary HTML code and thus cross-site scripting via invalid attribute...

CVE-2023-1716

Cross-site scripting XSS vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege...

Vtiger CRM Open Source Edition 安全漏洞

Vtiger CRM Open Source Edition is a customer relationship management software from Vtiger, Inc. A security vulnerability exists in Vtiger CRM Open Source Edition version v8.3.0, which originates from the ZIP import feature and could lead to the execution of arbitrary PHP code...

CVE-2024-51757 Fixes security vulnerability that allowed for server side code to be executed by a <script> tag

happy-dom is a JavaScript implementation of a web browser without its graphical user interface. Versions of happy-dom prior to 15.10.2 may execute code on the host via a script tag. This would execute code in the user context of happy-dom. Users are advised to upgrade to version 15.10.2. There ar...

CVE-2024-6467

The BookingPress – Appointment Booking Calendar Plugin and Online Scheduling Plugin plugin for WordPress is vulnerable to Arbitrary File Read to Arbitrary File Creation in all versions up to, and including, 1.1.5 via the 'bookingpresssavelitewizardsettingsfunc' function. This makes it possible fo...

CVE-2024-3500

The ElementsKit Pro plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.6.0 via the Price Menu, Hotspot, and Advanced Toggle widgets. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute...