74 matches found
GHSA-WVHV-QCQF-F3CX goshs has a file-based ACL authorization bypass in goshs state-changing routes
Summary goshs enforces the documented per-folder .goshs ACL/basic-auth mechanism for directory listings and file reads, but it does not enforce the same authorization checks for state-changing routes. An unauthenticated attacker can upload files with PUT, upload files with multipart POST /upload,...
CVE-2025-14944 Backup Migration <= 2.0.0 - Missing Authorization to Unauthenticated Backup Upload to Offline Storage
The Backup Migration plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 2.0.0. This is due to a missing capability check on the 'initializeOfflineAjax' function and lack of proper nonce verification. The endpoint only validates against hardcoded toke...
AVideo: Video Publishing Workflow Bypass via Unauthorized overrideStatus Request Parameter
Summary AVideo's video processing pipeline accepts an overrideStatus request parameter that allows any uploader to set a video's status to any valid state, including "active" a. This bypasses the admin-controlled moderation and draft workflows. The setStatus method validates the status code again...
CVE-2026-3533
The Jupiter X Core plugin for WordPress is vulnerable to limited file uploads due to missing authorization on importpopuptemplates function as well as insufficient file type validation in the uploadfiles function in all versions up to, and including, 4.14.1. This makes it possible for Authenticat...
WordPress plugin KiviCare – Clinic & Patient Management System (EHR) has security vulnerabilities.
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2026-24035
Horilla HRMS (Horilla) has an Improper Access Control vulnerability affecting versions 1.4.0 up to but not including 1.5.0. The issue stems from insufficient server-side validation of the employee_id parameter during file uploads, allowing any authenticated employee to upload documents on behalf ...
CVE-2023-25923
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an attacker to upload files that could be used in a denial of service attack due to incorrect authorization. IBM X-Force ID: 247629...
GHSA-XPHH-5V4R-R3RX PsiTransfer has Zip Slip Path Traversal via TAR Archive Download
Summary A Zip Slip vulnerability in PsiTransfer allows an unauthenticated attacker to upload files with path traversal sequences in the filename, e.g. ../../../.ssh/authorized_keys. When a victim downloads the bucket as a .tar.gz archive and extracts it, malicious files are written outside the...
EUVD-2025-203952
AVideo versions prior to 20.0 allow any authenticated user to upload files into directories belonging to other users due to an insecure direct object reference. The upload functionality verifies authentication but does not enforce ownership checks...
CVE-2025-14045
CVE-2025-14045 affects the URL Media Uploader plugin for WordPress. A missing capability check in url_media_uploader_url_upload_ajax_handler() allows authenticated users with Contributor+ access to upload safe media files across all versions up to 1.0.1. Remediation suspected: upgrade to 1.0.1 or...
CVE-2025-51661
A path traversal vulnerability in FileCodeBox v2.2 and earlier allows arbitrary file writes when the application is configured to use local filesystem storage. The SystemFileStorage.save_file method in core/storage.py uses filenames from user input without validation to construct save_path and save...
EUVD-2024-16937
Malicious code in bioql PyPI...
EUVD-2023-47893
Malicious code in bioql PyPI...
CVE-2025-9965
The CVE-2025-9965 entry concerns Novakon P series devices (P – V2001.A.C518o2) with an improper authentication vulnerability that allows unauthenticated attackers to upload and download arbitrary applications to/from the device. The root cause is improper authentication on P series control interf...
CVE-2012-10036
Project Pier 0.8.8 and earlier contains an unauthenticated arbitrary file upload vulnerability in tools/uploadfile.php. The upload handler fails to validate the file type or enforce authentication, allowing remote attackers to upload malicious PHP files directly into a web-accessible directory. T...
CVE-2024-6366
The User Profile Builder WordPress plugin before 3.11.8 does not have proper authorisation, allowing unauthenticated users to upload media files via the async upload functionality of WP...
CVE-2022-23705
A security vulnerability has been identified in HPE Nimble Storage Hybrid Flash Arrays, HPE Nimble Storage All Flash Arrays, and HPE Nimble Storage Secondary Flash Arrays which could potentially allow the upload, but not execution, of unauthorized update binaries to the array. HPE has made the...
CVE-2019-15748
SITOS six Build v6.2.1 permits unauthorised users to upload and import a SCORM 2004 package by browsing directly to affected pages. An unauthenticated attacker could use the upload and import functionality to import a malicious SCORM package that includes a PHP file, which could execute arbitrary...
CVE-2025-31324
SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...
CVE-2025-31489 MinIO performs incomplete signature validation for unsigned-trailer uploads
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. The signature component of the authorization may be invalid, which would mean that as a client you can use any arbitrary secret to upload objects given the user already has prior WRITE permissions on...