105 matches found
CVE-2023-53962 SOUND4 IMPACT/FIRST/PULSE/Eco v2.x Unauthenticated Directory Traversal File Write
SOUND4 IMPACT/FIRST/PULSE/Eco v2.x contains an unauthenticated directory traversal vulnerability that allows remote attackers to write arbitrary files through the 'upgfile' parameter in upload.cgi. Attackers can exploit the vulnerability by sending crafted multipart form-data POST requests with...
CVE-2025-65287
An unauthenticated directory traversal vulnerability in cgi-bin/upload.cgi in SNMP Web Pro 1.1 allows a remote attacker to read arbitrary files. The CGI concatenates the user-supplied params directly onto the base path /var/www/files/userScript/ using memcpy + strcat without validation or...
PT-2025-50080
Name of the Vulnerable Software and Affected Versions: SNMP Web Pro version 1.1. Description: An unauthenticated directory traversal issue exists in the cgi-bin/upload.cgi component. The component concatenates user-supplied parameters directly onto a base path /var/www/files/userScript/ using memcpy...
PT-2025-47537
Name of the Vulnerable Software and Affected Versions: icret EasyImages versions up to 2.8.6. Description: A flaw exists in icret EasyImages, specifically within the SVG Image Handler component, affecting the file /app/upload.php. Manipulation of the File argument can lead to cross site scripting...
CVE-2025-41736
A low-privileged remote attacker can upload a new Python script or overwrite an existing one by using a path traversal in the target filename in PHP, resulting in remote code execution...
EUVD-2025-175369
A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2FWv1.10CNB05R1B011D88210.img in the upload.cgi module, which handles firmware version information. The vulnerability occurs because /proc/version is read into a 512-byte buffer and then concatenated usin...
CVE-2025-62429 ClipBucket v5 executes arbitrary PHP code
ClipBucket v5 is an open source video sharing platform. Prior to version 5.5.2 147, ClipBucket v5 is vulnerable to arbitrary PHP code execution. In /upload/adminarea/actions/updatelaunch.php, the "type" parameter from a POST request is embedded into PHP tags and executed. Proper sanitization is n...
EUVD-2020-3411
Malware in sbrugna...
CVE-2025-60445
A stored Cross-Site Scripting (XSS) vulnerability has been discovered in XunRuiCMS version 4.7.1. The vulnerability exists due to insufficient validation of SVG file uploads in the dayrui/Fcms/Library/Upload.php component, allowing attackers to inject malicious JavaScript code that executes when th...
CVE-2025-9575
Summary: CVE-2025-9575 affects Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 devices. The issue resides in the /cgi-bin/upload.cgi file, specifically the cgiMain function, where manipulation of the filename argument enables operating system command injection. The vulnerability can be exploite...
CVE-2025-9575 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 upload.cgi cgiMain os command injection
A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This issue affects the function cgiMain of the file /cgi-bin/upload.cgi. Executing manipulation of the argument filename can lead to os command...
Linksys multiple products security vulnerability
Linksys RE6300 and others are products of Linksys, Inc. Linksys RE6300 is a wireless network signal extender. Linksys RE6250 is a wireless extender. Linksys RE6350 is a wireless extender. Linksys RE6350 is a wireless...
PT-2025-35124
Name of the Vulnerable Software and Affected Versions: Linksys RE6250 version 1.0.013.001; Linksys RE6250 version 1.0.04.001; Linksys RE6250 version 1.0.04.002; Linksys RE6250 version 1.1.05.003; Linksys RE6250 version 1.2.07.001; Linksys RE6300 version 1.0.013.001; Linksys RE6300 version 1.0.04.001...
CVE-2012-10038
Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in uploadbanners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These files are stored in a web-accessible /banners/...
CVE-2012-10038 Auxilium RateMyPet Arbitrary File Upload RCE
Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in uploadbanners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These files are stored in a web-accessible /banners/...
EGallery security vulnerability
EGallery is an online art gallery from EGallery Inc. in the United States. A security vulnerability exists in EGallery version 1.2, which stems from an uploadify.php script that does not validate file types or authentication, and could lead to arbitrary file uploads and remote code execution...
BlackVue Dashcam 590X code issue vulnerability
BlackVue Dashcam 590X is a car recorder from BlackVue Korea. A code issue vulnerability exists in BlackVue Dashcam 590X 20250624 and earlier versions, which stems from an unrestricted upload issue in file/upload.cgi...
iSoluçõesWEB SoluçõesCoop path traversal vulnerability
iSoluçõesWEB SoluçõesCoop is a management system for iSoluçõesWEB in Brazil. A path traversal vulnerability exists in iSoluçõesWEB SoluçõesCoop 20250516 and earlier versions, which stems from an incorrect manipulation of the nomeArquivo parameter of the file /sys/up.upload.php in the component...
DEBIAN-CVE-2025-49113
Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization...
Roundcube Webmail code issue vulnerability
Roundcube Webmail is a browser-based, open source, multi-language IMAP client, developed using PHP + Ajax, that provides a desktop application-like interface and complete mail management features. Roundcube Webmail has a deserialization vulnerability; the vulnerability stems from the...