CVE-2018-18874

nc-cms through 2017-03-10 allows remote attackers to execute arbitrary PHP code via the "Upload File or Image" feature, with a .php filename and "Content-Type: application/octet-stream" to the index.php?action=filemanagerupload URI...

CVE-2010-5091

The setName function in filesystem/File.php in SilverStripe 2.3.x before 2.3.8 and 2.4.x before 2.4.1 allows remote authenticated users with CMS author privileges to execute arbitrary PHP code by changing the extension of an uploaded file...

CVE-2017-11760

uploadImage.php in ProjeQtOr before 6.3.2 allows remote authenticated users to execute arbitrary PHP code by uploading a .php file composed of concatenated image data and script data, as demonstrated by uploading as an image within the description text area...

CVE-2012-4389

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.7 allows remote attackers to execute arbitrary code by uploading a crafted .htaccess file in an import.zip file and accessing an uploaded PHP file...

CVE-2005-4171

The "Upload new image" command in the "Manage Images" eFiction 1.1, when members are allowed to upload images, allows remote attackers to execute arbitrary PHP code by uploading a filename with a .php extension that contains a GIF header, which passes the image validity check but executes any PHP...

Exploit for CVE-2025-4403

CVE-2025-4403 Exploit Details - Published: May 8, 2...

1 Click WordPress Migration Plugin – 100% FREE for a limited time <= 2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload

Description The 1 Click WordPress Migration Plugin – 100% FREE for a limited time plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'startrestore' function in all versions up to, and including, 2.2. This makes it possible for...

CVE-2025-32821

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can with admin privileges can inject shell command arguments to upload a file on the appliance...

Exploit for CVE-2024-21546

CVE-2024-21546 Python Exploit 🔥 Description This Python ex...

CVE-2025-25016

CVE-2025-25016: Kibana suffers an Unrestricted File Upload weakness due to insufficient server-side validation, allowing an authenticated attacker to compromise software integrity by uploading a crafted file. Affected versions include Kibana 7.17.x before 7.17.19 and 8.0.x before 8.13.0. The issu...

Exploit for Unrestricted Upload of File with Dangerous Type in Sap Netweaver

CVE-2025-31324PoC Proof-of-Concept for CVE-2025-31324: Unauth...

CVE-2025-2579 Lottie Player <= 1.1.8 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload

The Lottie Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via File uploads in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to...

CVE-2024-55371

Wallos = 2.38.2 has a file upload vulnerability in the restore backup function, which allows authenticated users to restore backups by uploading a ZIP file. The contents of the ZIP file are extracted on the server. This functionality enables an authenticated attacker being an administrator is not...

Wyse Management Suite Code Issue Vulnerability

The Wyse Management Suite is a scalable solution for managing and optimizing Wyse endpoints, providing centralized management, asset tracking and automated device discovery. A code issue vulnerability exists in Wyse Management Suite. The vulnerability stems from the program failing to adequately...

Spring Boot common-user-management 0.1 - Remote Code Execution (RCE)

Exploit Title: Unrestricted File Upload Google Dork: Date: 14/Nov/2024 Exploit Author: d3sca Vendor Homepage: https://github.com/OsamaTaher/Java-springboot-codebase Software Link: https://github.com/OsamaTaher/Java-springboot-codebase Version: app version 0.1 Tested on: Debian Linux CVE :...

CVE-2025-32017 Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users

Umbraco is a free and open source .NET content management system. Authenticated users to the Umbraco backoffice are able to craft management API request that exploit a path traversal vulnerability to upload files into a incorrect location. The issue affects Umbraco 14+ and is patched in 14.3.4 an...

CVE-2025-30017 Missing Authorization check in SAP Solution Manager

Due to a missing authorization check, an authenticated attacker could upload a file as a template for solution documentation in SAP Solution Manager 7.1. After successful exploitation, an attacker can cause limited impact on the integrity and availability of the application...

CVE-2025-30017

CVE-2025-30017 affects SAP Solution Manager 7.1. The issue is a missing authorization check that could let an authenticated attacker upload a file as a template for solution documentation, with limited impact on the application’s integrity and availability. Remediation is via SAP security patches...

PT-2025-15635 · Dnn · Dnn

Name of the Vulnerable Software and Affected Versions: DNN formerly DotNetNuke versions prior to 9.13.2 Description: The issue allows uploading files with malicious content by renaming them to have an allowed file extension, such as renaming an executable file to have a .jpg extension. This could...

PT-2025-14884 · Sourcecodester · Sourcecodester Web-Based Pharmacy Product Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Web-based Pharmacy Product Management System version 1.0 Description: A critical vulnerability was found in the SourceCodester Web-based Pharmacy Product Management System. The issue affects an unknown functionality of the file...