CVE-2025-52636

HCL AION is affected by a vulnerability related to the handling of upload size limits. Improper control or validation of upload sizes may allow excessive resource consumption, which could potentially lead to service degradation or denial-of-service conditions under certain scenarios...

CVE-2025-52636

CVE-2025-52636 affects HCL AION. The issue is improper handling/validation of upload size limits, which may allow excessive resource consumption and could lead to service degradation or denial-of-service conditions under certain scenarios. Connected sources reiterate the same vulnerability descri...

PT-2025-32666 · Liferay · Liferay Portal +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.3.0 through 7.4.3.132 Liferay DXP versions 2025.Q1.0 through 2025.Q1.8 Liferay DXP versions 2024.Q4.0 through 2024.Q4.7 Liferay DXP versions 2024.Q3.0 through 2024.Q3.13 Liferay DXP versions 2024.Q2.0 through...

CVE-2025-32959

CUBA Platform is a high level framework for enterprise applications development. Prior to version 7.2.23, the local file storage implementation does not restrict the size of uploaded files. An attacker could exploit this by uploading excessively large files, potentially causing the server to run...

WordPress Increase upload file size & Maximum Execution Time limit plugin <= 2.0 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Increase upload file size & Maximum Execution Time limit versions = 2.0...

CVE-2023-44388

Discourse is an open source platform for community discussion. A malicious request can cause production log files to quickly fill up and thus result in the server running out of disk space. This problem has been patched in the 3.1.1 stable and 3.2.0.beta2 versions of Discourse. It is possible to...

WordPress Drag and Drop Multiple File Upload Security Bypass Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security bypass vulnerability exists in WordPress Drag and Drop Multiple File Upload, which is caused due to a flaw in the upload size limit set...

PT-2022-21496 · WordPress · Drag/Drop Multiple File Upload

Name of the Vulnerable Software and Affected Versions: Drag and Drop Multiple File Upload WordPress plugin versions prior to 1.3.6.5 Description: The issue arises from the plugin not properly checking the upload size limit set in forms. Instead, it takes the value from user input sent when...

WordPress Plugin Drag and Drop Multiple File Upload 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A security bypass vulnerability exists in WordPress Drag and Drop Multiple File Upload, which is caused due to a flaw in the upload size limit set...

WordPress Drag and Drop Multiple File Upload plugin <= 1.3.6.4 - File Upload Size Limit Bypass vulnerability

File Upload Size Limit Bypass vulnerability discovered by Sanjay Das in WordPress Drag and Drop Multiple File Upload plugin versions = 1.3.6.4. Solution Update the WordPress Drag and Drop Multiple File Upload – Contact Form 7 plugin to the latest available version at least 1.3.6.5...