4 matches found
CVE-2025-63695
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...
CVE-2025-63695
DzzOffice v2.3.7 and earlier is vulnerable to an Arbitrary File Upload in /dzz/system/ueditor/php/controller.php. The core issue stems from a file upload mechanism in controller.php that allows uploading arbitrary files, potentially enabling remote code execution or other impact as described in p...
CVE-2025-63695
DzzOffice v2.3.7 and before is vulnerable to Arbitrary File Upload in /dzz/system/ueditor/php/controller.php...
ShirneCMS 路径遍历漏洞
ShirneCMS is an open source backend management system of Shirne Software Shirnecn. ShirneCMS version 1.2.0 has a path traversal vulnerability. Attackers use this vulnerability to read arbitrary files via /static/ueditor/php/controller.php...