52 matches found
Pandora FMS 安全漏洞
Pandora FMS is a monitoring system developed by the American company Pandora FMS. This system provides visual monitoring of networks, servers, virtual infrastructure, and applications. Versions 777 to 800 of Pandora FMS have a security vulnerability; this vulnerability stems from unlimited upload...
Airleader Master 代码问题漏洞
Airleader Master is a management device developed by the American company Airleader, used for managing air compressors. Versions of Airleader Master 6.381 and earlier contained code vulnerabilities due to unlimited file upload capabilities, which could lead to remote code execution...
NTN Smart Panel 代码问题漏洞
NTN Smart Panel is a software for insurance business operations developed by the Turkish company NTN. Versions of NTN Smart Panel prior to 20251215 had code-related vulnerabilities. These vulnerabilities stemmed from unlimited upload of dangerous types of files, which could lead to access to...
Hillstone Operation and Maintenance Security Gateway 安全漏洞
Hillstone Operation and Maintenance Security Gateway is a network operation and maintenance management platform developed by Hillstone Corporation. Version V5.5ST00001B113 of the Hillstone Operation and Maintenance Security Gateway contains a security vulnerability. This vulnerability stems from...
Solvera Teknoera code-related vulnerabilities
Solvera Teknoera is a technology development management software developed by the Turkish company Solvera. Versions of Solvera Teknoera prior to 01102025 contained code vulnerabilities. These vulnerabilities stemmed from unlimited uploading of dangerous types of files, which could lead to file...
CVE-2025-66838
In Aris v10.0.23.0.3587512 and before, the file upload functionality does not enforce any rate limiting or throttling, allowing users to upload files at an unrestricted rate. An attacker can exploit this behavior to rapidly upload a large volume of files, potentially leading to resource exhaustio...
DouPHP 代码问题漏洞
DouPHP is an enterprise website builder from China DouPHP Company. A code issue vulnerability exists in DouPHP 1.8 Release 20251022 and earlier versions, which stems from the incorrect operation of the parameter File in the file upload/include/file.class.php, which can lead to unlimited uploads...
EUVD-2025-25623
Malicious code in bioql PyPI...
Denial Of Service (DoS)
Liferay Portal is vulnerable to Denial of Service DoS. The vulnerability is due to insufficient restrictions on file uploads through forms, which are stored in the documentlibrary, allowing an attacker to upload unlimited files and cause a potential DDoS...
Denial Of Service (DoS)
com.liferay.portal, release.portal.bom are vulnerable to Denial Of Service DoS. The vulnerability is due to allowing unlimited file uploads through object entries attachment fields, which are stored in the documentlibrary, allowing an attacker to cause a potential Denial-of-Service DDoS attack...
CVE-2025-43762
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the lack of temporary file deletions in the forms upload field. An attacker can exhaust system resources by uploading an unlimited number of files, potentially leading to...
GHSA-84PP-QR92-95C9 Liferay Portal users can upload an unlimited amount of files
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
Liferay Portal users can upload an unlimited amount of files
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-43762
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-43762
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-43762
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.1, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-43762
CVE-2025-43762 affects Liferay Portal 7.4.0–7.4.3.132 and Liferay DXP 2025.Q1.0–2025.Q1.1 (also 2024 Qx releases), where forms upload allows an unlimited number of files to be stored in document_library, enabling a potential DDoS. Concrete details available: vulnerable components include form upl...
GHSA-QPP6-F3QJ-RGGQ Liferay Portal's Unlimited File Upload Could Result in DoS
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...
CVE-2025-43752
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.4, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.15 and 7.4 GA through update 92 allow users to upload an unlimited amount of files through the...