40 matches found
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system. This vulnerability exists because the affected software does not properly validate...
CVE-2026-40488
Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, the product custom option file upload in OpenMage LTS uses an incomplete...
baserCMS has Unsafe File Upload Leading to Remote Code Execution (RCE)
Details The application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacker can craft a malicious PHP file within the zip and achieve...
GHSA-HV78-CWP4-8R7R baserCMS has Unsafe File Upload Leading to Remote Code Execution (RCE)
Details The application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacker can craft a malicious PHP file within the zip and achieve...
CVE-2025-32957
baserCMS prior to version 5.2.3 is vulnerable in its restore function, which accepts a ZIP upload and auto-extracts it. A PHP file inside the archive is then included via require_once without validating or restricting the filename, enabling arbitrary code execution if a malicious PHP file is craf...
CVE-2025-32957 baserCMS: unsafe File Upload Leading to Remote Code Execution (RCE)
baserCMS is a website development framework. Prior to version 5.2.3, the application's restore function allows users to upload a .zip file, which is then automatically extracted. A PHP file inside the archive is included using requireonce without validating or restricting the filename. An attacke...
CVE-2026-27540
CVE-2026-27540 is an unauthenticated arbitrary file upload vulnerability in the WordPress WooCommerce Wholesale Lead Capture plugin (
CVE-2024-58313
xbtitFM 4.1.18 contains an insecure file upload vulnerability that allows authenticated attackers with administrative privileges to upload and execute arbitrary PHP code through the filehosting feature. Attackers can bypass file type restrictions by modifying the Content-Type header to image/gif,...
WordPress URL Media Uploader plugin <= 1.0.1 - Missing Authorization to Authenticated (Contributor+) Safe File Upload vulnerability
Missing Authorization to Authenticated Contributor+ Safe File Upload vulnerability discovered by jsonc in WordPress Plugin URL Media Uploader versions = 1.0.1...
Exploit for CVE-2025-1337
CVE‑2025‑1337 — Intentional Remote Code Execution Training Mac...
CVE-2025-62421
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a stored cross-site scripting vulnerability exists due to improper file upload validation and authentication bypass. The StaticResourceApi interface defines a route upload/fileId that uses a URL path...
EUVD-2022-3044
Malicious code in bioql PyPI...
CVE-2025-11221 Remote Code Execution in GTONE ChangeFlow
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal', Unrestricted Upload of File with Dangerous Type vulnerability in GTONE ChangeFlow allows Path Traversal, Accessing Functionality Not Properly Constrained by ACLs.This issue affects ChangeFlow: from All versions through...
CVE-2025-10001 Import any XML, CSV or Excel File to WordPress <= 3.9.3 - Authenticated (Admin+) Limited Unsafe File Upload
The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import functionality in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2025-10001 Import any XML, CSV or Excel File to WordPress <= 3.9.3 - Authenticated (Admin+) Limited Unsafe File Upload
The Import any XML, CSV or Excel File to WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the import functionality in all versions up to, and including, 3.9.3. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2024-8393
The Woocommerce Blocks – Woolook plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.7.0 via the via the 'tab' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary...
CVE-2024-11390 Kibana Unrestricted Upload of File with Dangerous Type Can Lead to XSS
Unrestricted upload of a file with dangerous type in Kibana can lead to arbitrary JavaScript execution in a victim’s browser XSS via crafted HTML and JavaScript files. The attacker must have access to the Synthetics app AND/OR have access to write to the synthetics indices...
Exploit for Unrestricted Upload of File with Dangerous Type in Codeastro Internet_Banking_System
--- CVE-2025-29017 - Internet Banking System 2.0.0 Remote Cod...
CVE-2024-40693
IBM Planning Analytics 2.0 and 2.1 could be vulnerable to malicious file upload by not validating the content of the file uploaded to the web interface. Attackers can make use of this weakness and upload malicious executable files into the system, and it can be sent to victim for performing furth...
ILIAS 安全漏洞
ILIAS is an open source learning management system. A security vulnerability exists in ILIAS versions 7.x prior to 7.30, 8.x prior to 8.11, and 9.0, which stems from a vulnerability that could allow a remote, authenticated attacker to execute operating system commands via a dangerous type of file...