SourceCodester E-Commerce System 代码问题漏洞

SourceCodester E-Commerce System is an e-commerce system from SourceCodester Inc. A code issue vulnerability exists in SourceCodester E-Commerce System version 1.0 due to an untrusted file upload vulnerability in the photo parameter of the /ecommerce/admin/products/controller.php page...

CVE-2023-41793 Path Traversal and Untrusted Upload File

: Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability allowed changing directories and creating files and downloading them outside the allowed directories. This issue affects Pandora FMS: from 700 through 776...

CVE-2023-41793 Path Traversal and Untrusted Upload File

: Path Traversal vulnerability in Pandora FMS on all allows Path Traversal. This vulnerability allowed changing directories and creating files and downloading them outside the allowed directories. This issue affects Pandora FMS: from 700 through 776...

DRUPAL-CORE-2020-013

The Drupal project uses the PEAR Archive\Tar library. The PEAR Archive\Tar library has released a security update that impacts Drupal. For more information please see: CVE-2020-28948 CVE-2020-28949 Multiple vulnerabilities are possible if Drupal is configured to allow .tar, .tar.gz, .bz2, or .tlz...

CVE-2019-19634

CVE-2019-19634 affects verot.net class.upload.php up to version 2.0.4 (and 1.0.3 in some builds) used in Joomla! K2 extension; it omits .pht from dangerous extensions, enabling arbitrary file upload and remote code execution. An exploit/POC demonstrates obtaining a shell via a crafted image uploa...