28 matches found
PT-2026-35959
A vulnerability was found in SourceCodester Pizzafy Ecommerce System 1.0. Affected is the function save menu of the file /admin/admin class novo.php of the component File Extension Handler. Performing a manipulation of the argument img results in unrestricted upload. The attack is possible to be...
EUVD-2008-2213
Malware in sbrugna...
EUVD-2024-52944
Malicious code in bioql PyPI...
EUVD-2025-22422
Malicious code in bioql PyPI...
EUVD-2024-42906
Malicious code in bioql PyPI...
EUVD-2025-10667
Malicious code in bioql PyPI...
EUVD-2025-10465
Malicious code in bioql PyPI...
EUVD-2025-4778
Malicious code in bioql PyPI...
CVE-2025-9476 SourceCodester Human Resource Information System editemployee_process.php unrestricted upload
A vulnerability has been found in SourceCodester Human Resource Information System 1.0. Affected by this issue is some unknown functionality of the file /SuperadminDashboard/process/editemployeeprocess.php. Such manipulation of the argument employeefile201 leads to unrestricted upload. The attack...
CVE-2023-33404
An Unrestricted Upload vulnerability, due to insufficient validation on UploadControlled.cs file, in BlogEngine.Net version 3.3.8.0 and earlier allows remote attackers to execute remote code...
CVE-2025-4735 Campcodes Sales and Inventory System product.php unrestricted upload
A vulnerability has been found in Campcodes Sales and Inventory System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pages/product.php. The manipulation of the argument Picture leads to unrestricted upload. The attack can be launched...
CVE-2025-32682
Unrestricted Upload of File with Dangerous Type vulnerability in RomanCode MapSVG mapsvg-lite-interactive-vector-maps allows Upload a Web Shell to a Web Server.This issue affects MapSVG: from n/a through = 8.6.4...
CVE-2024-39397 Adobe Commerce | Unrestricted Upload of File with Dangerous Type (CWE-434)
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution by an attacker. An attacker could exploit this vulnerability by uploading a malicious file whic...
CVE-2024-5145 SourceCodester Vehicle Management System HTTP POST Request newdriver.php unrestricted upload
A vulnerability was found in SourceCodester Vehicle Management System up to 1.0 and classified as critical. This issue affects some unknown processing of the file /newdriver.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to unrestricted upload. The...
CVE-2024-4961 D-Link DAR-7000-40 onlineuser.php unrestricted upload
UNSUPPORTED WHEN ASSIGNED A vulnerability classified as critical was found in D-Link DAR-7000-40 V31R02B1413C. Affected by this vulnerability is an unknown functionality of the file /user/onlineuser.php. The manipulation of the argument fileupload leads to unrestricted upload. The attack can be...
Hitachi Energy's RTU500 series Unrestricted Upload of File with Dangerous Type (CVE-2024-1532)
A vulnerability exists in the stb-language file handling that affects the RTU500 series product versions listed below. A malicious actor could enforce diagnostic texts being displayed as empty strings, if an authorized user uploads a specially crafted stb-language file. This plugin only works wit...
PT-2024-22636 · Tumult · Tumult Hype Animations
Name of the Vulnerable Software and Affected Versions: Tumult Hype Animations versions 1.9.12 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type, which affects Tumult Hype Animations. Recommendations: For versions 1.9.12 and earlier, update to a...
CVE-2023-38388 WordPress Jupiter X Core plugin <= 3.3.5 - Unauth. Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Artbees JupiterX Core.This issue affects JupiterX Core: from n/a through 3.3.5...
WordPress Plugin WP Githuber MD 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin WP Githuber MD suffer...
CVE-2024-1262 Juanpao JPShop API MaterialController.php actionUpdate unrestricted upload
A vulnerability, which was classified as critical, has been found in Juanpao JPShop up to 1.5.02. This issue affects the function actionUpdate of the file /api/controllers/merchant/design/MaterialController.php of the component API. The manipulation of the argument picurl leads to unrestricted...