CVE-2025-28386

A remote code execution RCE vulnerability in the Plugin Management component of OpenC3 COSMOS v6.0.0 allows attackers to execute arbitrary code via uploading a crafted .txt file...

OpenC3 COSMOS 安全漏洞

OpenC3 COSMOS is an OpenC3 open source application. A security vulnerability exists in OpenC3 COSMOS version v6.0.0, which stems from the fact that uploading a specially crafted .txt file may result in the execution of arbitrary code...

PT-2024-35083 · Comodo · Itop

Name of the Vulnerable Software and Affected Versions: Combodo iTop versions prior to 3.2.0 Description: The issue is related to a Cross-site Scripting XSS vulnerability that can be triggered by uploading a text file containing JavaScript to the portal. This is a web-based IT Service Management...

CVE-2023-37781

An issue in the emqxsn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file...

EMQ X 路径遍历漏洞

EMQ X is a fully open source, highly scalable and highly available distributed MQTT message broker. Ideal for IoT, M2M and mobile applications, it can handle tens of millions of concurrent clients. A security vulnerability exists in EMQ X v4.3.8. An attacker exploited the vulnerability to perform...

PT-2023-26104 · Emqx · Emqx +1

Name of the Vulnerable Software and Affected Versions: EMQX version 4.3.8 Description: An issue in the emqx sn plugin allows attackers to execute a directory traversal via uploading a crafted .txt file. Recommendations: For EMQX version 4.3.8, consider restricting access to the emqx sn plugin unt...

Classcms 代码问题漏洞

ClassCMS is a simple, flexible, secure and easy to expand content management system from China. A security vulnerability exists in Classcms v2.5 and lower versions, where an attacker can perform code injection by uploading a carefully crafted .txt file via the component classclassupload...