143 matches found
PT-2024-5457 · Cisco · Cisco Rv345 +1
Name of the Vulnerable Software and Affected Versions: Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers affected versions not specified Description: A vulnerability in the upload module could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This issue is...
PT-2023-19325 · Woorockets · Woorockets Corsa
Name of the Vulnerable Software and Affected Versions: WooRockets Corsa versions 1.5 and earlier Description: The issue is related to an Unrestricted Upload of File with Dangerous Type vulnerability. This allows for the upload of files with potentially dangerous types, which could lead to securit...
CVE-2023-3800
A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...
Design/Logic Flaw
A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...
CVE-2023-3800 EasyAdmin8 File Upload Module index.html unrestricted upload
A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...
CVE-2023-3800 EasyAdmin8 File Upload Module index.html unrestricted upload
A vulnerability was found in EasyAdmin8 2.0.2.2. It has been classified as problematic. Affected is an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html of the component File Upload Module. The manipulation leads to unrestricted upload. The complexity of an attack i...
PT-2023-26244 · Unknown · Easyadmin8
Name of the Vulnerable Software and Affected Versions: EasyAdmin8 version 2.0.2.2 Description: A vulnerability has been found in the File Upload Module of EasyAdmin8, affecting an unknown function of the file /admin/index/index.html/admin/mall.goods/index.html. This issue leads to unrestricted...
CVE-2023-37135
A stored cross-site scripting XSS vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37135
A stored cross-site scripting XSS vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-37135
A stored cross-site scripting XSS vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Image Upload module of eyoucms v1.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Connect-Multiparty allows arbitrary file upload
An arbitrary file upload vulnerability in the file upload module of Express Connect-Multiparty 2.2.0 allows attackers to execute arbitrary code via a crafted PDF file. NOTE: the Supplier has not verified this vulnerability report...
Design/Logic Flaw
An arbitrary file upload vulnerability in the file upload module of Tiddlywiki5 v5.2.2 allows attackers to execute arbitrary code via a crafted SVG file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the file upload module of Graphql-upload v13.0.0 allows attackers to execute arbitrary code via a crafted filename...
CVE-2022-29354
CVE-2022-29354 concerns Keystone CMS, version 4.2.1. The vulnerability is in the File Upload module, where an arbitrary file upload allows an attacker to execute arbitrary code via a crafted file. The description and connected sources confirm the affected software/component and the risk of remote...
Keystone 代码问题漏洞
Keystone is a powerful CMS designed to help you build and scale faster than any other Cms or application framework. A security vulnerability exists in Keystone version 4.2.1, which stems from an arbitrary file upload issue in the File Upload module. An attacker can execute arbitrary code via a...
CVE-2022-28113
An issue in upload.csp of FANTEC GmbH MWiD25-DS Firmware v2.000.030 allows attackers to write files and reset the user passwords without having a valid session cookie...
Unrestricted Upload of File with Dangerous Type in Strapi
An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...
GHSA-9QGM-W87Q-HX89 Unrestricted Upload of File with Dangerous Type in Strapi
An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...
Design/Logic Flaw
An arbitrary file upload vulnerability in the file upload module of Strapi v4.1.5 allows attackers to execute arbitrary code via a crafted file...