Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/19 1:28 a.m.17 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

8.8CVSS6.8AI score0.00589EPSS
Exploits1References1
OSV
OSV
added 2026/02/18 6:24 p.m.5 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

8.8CVSS6.5AI score0.00589EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/02/18 12:0 a.m.5 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

8.8CVSS6.8AI score0.00589EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/02/18 12:0 a.m.6 views

CVE-2025-70151

code-projects Scholars Tracking System 1.0 allows an authenticated attacker to achieve remote code execution via unrestricted file upload. The endpoints updateprofilepicture.php and uploadpicture.php store uploaded files in a web-accessible uploads/ directory using the original, user-supplied...

6.8AI score0.00589EPSS
Exploits1References2
Packet Storm
Packet Storm
added 2024/09/17 12:0 a.m.233 views

Online Notice Board System 1.0 Arbitrary File Upload

============================================================================================================================================= | Title : Online Notice Board System project 1.0 Remote File Upload Vulnerability | | Author : indoushka | | Tested on : windows 10 FrPro / browser : Mozil...

7.4AI score
Exploits0
CNNVD
CNNVD
added 2024/01/04 12:0 a.m.4 views

Online Notice Board System Code Issue Vulnerability

Online Notice Board System is an online bulletin board system. A security vulnerability exists in version v1.0 of the Online Notice Board System, which stems from an insecure file upload vulnerability in the f parameter of the user/updateprofilepic.php page...

8.8CVSS7AI score0.01213EPSS
Exploits1References3
OSV
OSV
added 2018/10/16 7:29 a.m.3 views

CVE-2018-18382

Advanced HRM 1.6 allows Remote Code Execution via PHP code in a .php file to the user/update-user-avatar URI, which can be accessed through an "Update Profile" "Change Picture" aka user/edit-profile action...

8.8CVSS5.9AI score0.02695EPSS
Exploits1References1
Rows per page
Query Builder