300 matches found
CVE-2025-52691 Upload Arbitrary Files
Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution...
WordPress Royal Elementor Addons and Templates plugin <= 1.7.1036 - Missing Authorization to Unauthenticated Media File Upload vulnerability
Missing Authorization to Unauthenticated Media File Upload vulnerability discovered by Envel Le Clainche in WordPress Plugin Royal Elementor Addons versions = 1.7.1036...
EUVD-2025-203951
AVideo versions prior to 20.0 with the ImageGallery plugin enabled is vulnerable to unauthenticated file upload and deletion. Plugin endpoints responsible for managing gallery images fail to enforce authentication checks and do not validate ownership, allowing unauthenticated attackers to upload ...
AVideo 访问控制错误漏洞
AVideo is an open source broadcast network creation tool from World Wide Broadcast Network. An access control error vulnerability exists in AVideo versions prior to 20.0 that stems from a lack of authentication and ownership verification in the ImageGallery plugin endpoint, which could lead to...
CVE-2025-11363
The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation, allowing unauthenticated users to upload media files via the wpraddonsuploadfile action...
PT-2025-51197
The Royal Addons for Elementor WordPress plugin before 1.7.1037 does not have proper authorisation, allowing unauthenticated users to upload media files via the wpr addons upload file action...
WordPress plugin Royal Addons for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A security...
Improper Access Control
dnn.platform is vulnerable to improper access control. The vulnerability is due to the default HTML editing configuration allowing unauthenticated file uploads, which allows an attacker to upload arbitrary files and potentially leverage them for further compromise...
Unrestricted File Upload
dnn.platform is vulnerable to Unrestricted File Upload. The vulnerability is due to the default HTML editor provider allowing unauthenticated file uploads and overwriting of existing files, which allows an attacker to upload malicious files, deface the website, and potentially inject XSS payloads...
EUVD-2025-202401
The Video Merchant plugin for WordPress is vulnerable to Cross-Site Request Forgery in version = 5.0.4. This is due to missing or incorrect nonce validation on the videomerchantaddvideofile function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote...
EUVD-2025-202360
PipesHub is a fully extensible workplace AI platform for enterprise search and workflow automation. Versions prior to 0.1.0-beta expose POST /api/v1/record/buffer/convert through missing authentication. The endpoint accepts a file upload and converts it to PDF via LibreOffice by uploading payload...
PT-2025-50316
Name of the Vulnerable Software and Affected Versions Video Merchant plugin for WordPress versions 5.0.4 and earlier Description The Video Merchant plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is due to inadequate nonce validation within the video merchant add vide...
CVE-2025-12673
CVE-2025-12673 affects the WordPress plugin Flex QR Code Generator (versions up to ≤ 1.2.6; notes also reference ≤ 1.2.7). The root cause is missing file type validation in update_qr_code(), enabling unauthenticated users to upload arbitrary files via the logo upload path. Attacks can store uploa...
Flexsense DiskBoss 代码问题漏洞
Flexsense DiskBoss is a disk management tool from Flexsense, Inc. A code issue vulnerability exists in Flexsense DiskBoss version 7.7.14, which originates from an unauthenticated attacker who can upload arbitrary files, potentially causing the application to crash...
CVE-2025-13516
The SureMail – SMTP and Email Logs Plugin for WordPress is vulnerable to Unrestricted Upload of File with Dangerous Type in versions up to and including 1.9.0. This is due to the plugin's savefile function in inc/emails/handler/uploads.php which duplicates all email attachments to a web-accessibl...
CVE-2025-65112
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...
EverShop 安全漏洞
EverShop is a NodeJS e-commerce platform open-sourced by EverShop. A security vulnerability exists in EverShop version 2.0.1 that originates from an unauthenticated user being able to upload files and create directories in the /api/images endpoint...
CVE-2025-65844
EverShop 2.0.1 is affected. An unauthenticated remote attacker can upload arbitrary files and create directories via /api/images due to insufficient server-side validation. This could lead to impersonation of login panels and disk-space exhaustion (DoS). Remediation guidance in connected sources ...
CVE-2025-65844
EverShop 2.0.1 allows a remote unauthenticated attacker to upload arbitrary files and create directories via the /api/images endpoint. The endpoint is accessible without authentication by default, and server-side validation of uploaded files is insufficient. This can be abused to upload arbitrary...
CVE-2025-65112
PubNet is a self-hosted Dart & Flutter package service. Prior to version 1.1.3, the /api/storage/upload endpoint in PubNet allows unauthenticated users to upload packages as any user by providing arbitrary author-id values. This enables identity spoofing, privilege escalation, and supply chain...