20 matches found
Improper Handling of Insufficient Permissions or Privileges
Overview: Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges due to incomplete revocation of API key permissions during the user demotion process. An attacker can maintain unauthorized access to upload-request management and log viewing endpoin...
Improper Handling of Insufficient Permissions or Privileges
Overview: Affected versions of this package are vulnerable to Improper Handling of Insufficient Permissions or Privileges due to incomplete revocation of API key permissions during the user demotion process. An attacker can maintain unauthorized access to upload-request management and log viewing endpoin...
EUVD-2022-7171
Malicious code in bioql PyPI...
EUVD-2025-4252
Malicious code in bioql PyPI...
CVE-2022-3771
A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...
easyii CMS code issue vulnerability
easyii CMS is a simple CMS for simple websites. easyii CMS has a security vulnerability that stems from a compromised function file in the helpers/Upload.php file of the component File Upload Management, which could lead to unrestricted uploads. No details of the vulnerability are currently...
easyii CMS's File Upload Management vulnerable to unrestricted upload
This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely...
GHSA-VQVM-QRWH-69H7 easyii CMS's File Upload Management vulnerable to unrestricted upload
This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely...
Design/Logic Flaw
A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...
CVE-2022-3771 easyii CMS File Upload Management Upload.php file unrestricted upload
A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...
CVE-2022-3771 easyii CMS File Upload Management Upload.php file unrestricted upload
A vulnerability, which was classified as critical, has been found in easyii CMS. This issue affects the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The identifier...
PT-2022-24045 · Unknown · Easyii Cms
Name of the Vulnerable Software and Affected Versions: easyii CMS affected versions not specified Description: A critical issue has been found in easyii CMS, affecting the function file of the file helpers/Upload.php of the component File Upload Management. The manipulation leads to unrestricted...
Tad Uploader Cross-Site Scripting Vulnerability
Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...
Tad Uploader Cross-Site Scripting Vulnerability
Tad Uploader is a file upload management module by the individual developer of Tad in Taiwan, China. A cross-site scripting vulnerability exists in Tad Uploader, which stems from the failure of the add subject of the book list function in the product to properly filter certain special characters...
CVE-2018-19556
zbsystem/admin/index.php?act=UploadMng in Z-BlogPHP 1.5 mishandles file preview, leading to content spoofing. NOTE: the software maintainer disputes that this is a vulnerability...
Z-BlogPHP Content Spoofing Vulnerability
Z-BlogPHP is an open source PHP-based blogging system developed by the Z-Blog community. A security vulnerability exists in the zbsystem/admin/index.php?act=UploadMng URL in Z-BlogPHP version 1.5, which stems from the program not handling file previews correctly. An attacker can exploit the...
PT-2018-15001 · Z Blogphp · Z-Blogphp
Name of the Vulnerable Software and Affected Versions: Z-BlogPHP version 1.5 Description: The issue in Z-BlogPHP relates to the mishandling of file preview in the zbsystem/admin/index.php?act=UploadMng endpoint, potentially leading to content spoofing. However, it's noted that the software...
Override Access Vulnerability in DCMS Upload Management Page
Xiamen Sanwu Internet Technology Co., Ltd. is China's first "cloud computing"-based enterprise informatization services company listed on the Growth Enterprise Market (GEM). An unauthorized access vulnerability exists in the DCMS upload management page. An attacker can exploit the vulnerability to gain...
KBVault MySQL 0.16a - Arbitrary File Upload
KBVault MySQL 0.16a - Arbitrary File Upload Exploit Title: KBVault MySQL v0.16a - Unauthenticated File Upload to Run Code Google Dork: inurl:"FileExplorer/Explorer.aspx" Date: 2017-06-14 Exploit Author: Fatih Emiral Vendor Homepage: http://kbvaultmysql.codeplex.com/ Software Link:...
Cisco Identity Services Engine File Space Denial of Service Vulnerability
A vulnerability in the file upload management of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to upload multiple files to a specific location of the filesystem and exhaust disk space. The vulnerability is due to insufficient management of filesystem free space...