9 matches found
Access Control Bypass
Overview: MindsDB is a MindsDB server that provides server capabilities to the mindsdb native Python library. Affected versions of this package are vulnerable to Access Control Bypass via the exec function in the mindsdb/integrations/handlers/byomhandler/procwrapper.py component. An attacker can gain...
CVE-2025-10669
CVE-2025-10669 affects Airsonic-Advanced up to version 10.6.0 and is linked to the Playlist Upload Handler. The issue allows manipulation leading to unrestricted uploads, with remote initiation possible and public exploits available. Several sources (including PT-2025-38382) indicate a fix is to ...
Codezips Online Institute Management System Code Issue Vulnerability
Codezips Online Institute Management System is a Codezips open source online institute management system. A code issue vulnerability exists in Codezips Online Institute Management System version 1.0, which stems from the parameter websiteimage in the file /managewebsite.php that can lead to...
Codezips Free Exam Hall Seating Management System Security Vulnerability
Codezips Free Exam Hall Seating Management System is a free exam hall seating management system from Codezips open source. A security vulnerability exists in Codezips Free Exam Hall Seating Management System version 1.0, which stems from mishandling of the parameter IMAGE, resulting in unrestrict...
WordPress plugin ACF Images Search And Insert Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability...
Pisay Online E-Learning System Code Issue Vulnerability
Sourcecodester Pisay Online E-Learning System is an online e-learning system based on PHP and MySQL. A code issue vulnerability exists in Pisay Online E-Learning System version 1.0, which stems from the parameter file in the file /lesson/controller.php that can lead to unrestricted uploads...
EasyUse MailHunter Ultimate Code Issue Vulnerability
EasyUse MailHunter Ultimate is an accurate email finder tool from EasyUse China. A security vulnerability exists in EasyUse MailHunter Ultimate 2023 and prior versions, which stems from the presence of a Dangerous Types of Files Unrestricted Uploads vulnerability that could allow an authenticated...
TONGDA Office Anywhere Code Issue Vulnerability
TONGDA Office Anywhere is a collaborative office OA system. A code issue vulnerability exists in TONGDA Office Anywhere version 11.10, which stems from a problem with the function actionGetdata in the file GatewayController.php, which can lead to unrestricted uploads...
Simple and Nice Shopping Cart Script Code Issue Vulnerability
Simple and Nice Shopping Cart Script is a simple and nice PHP shopping cart script. A vulnerability exists in SourceCodester Simple and Nice Shopping Cart Script version 1.0, which stems from a problem with the file uploaderm.php, where the operation of the parameter submit results in unrestricted...