CVE-2019-11199

Dolibarr ERP/CRM 9.0.1 was affected by stored XSS within uploaded files. These vulnerabilities allowed the execution of a JavaScript payload each time any regular user or administrative user clicked on the malicious link hosted on the same domain. The vulnerabilities could be exploited by low...

📄 ClipBucket 5.5.2 Build 90 Practical Exploitation Tool

An enhanced Python penetration testing tool designed specifically for ClipBucket video sharing platform vulnerability assessment and exploitation. It checks for remote command execution, file upload, SQL injection, local file inclusion, and more. It affects ClipBucket version 5.5.2 Build 90...

EUVD-2020-24652

Malware in sbrugna...

EUVD-2016-8036

Malware in sbrugna...

EUVD-2014-3721

Malware in sbrugna...

EUVD-2000-0847

Malware in sbrugna...

EUVD-2013-6183

Malware in sbrugna...

EUVD-2020-3122

Malware in sbrugna...

EUVD-2004-1539

Malware in sbrugna...

EUVD-2024-31992

Malicious code in bioql PyPI...

EUVD-2025-11954

Malicious code in bioql PyPI...

EUVD-2024-51279

Malicious code in bioql PyPI...

CVE-2025-8174

A vulnerability was found in code-projects Voting System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/candidatesadd.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be launched remotely. The exploit...

CVE-2016-15046 Hanwha Techwin SSM 1.32 & 1.4 ActiveMQ File Upload RCE

A client-side remote code execution vulnerability exists in Hanwha Techwin Smart Security Manager SSM versions 1.32 and 1.4, due to improper restrictions on the PUT method exposed by the bundled Apache ActiveMQ instance running on port 8161. An attacker can exploit this flaw through a Cross-Origi...

WordPress WP Optimize By xTraffic Code Issue Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation, and WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress WP Optimize By xTraffic that stems from the application not properly validating user-submitted code, which can be exploited b...

CVE-2025-20130

A vulnerability in the API of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker with administrative privileges to upload files to an affected device. This vulnerability is due to improper validation of the file copy...

CVE-2024-13140

A vulnerability classified as problematic has been found in Emlog Pro up to 2.4.3. Affected is an unknown function of the file /admin/article.php?action=uploadcover of the component Cover Upload Handler. The manipulation of the argument image leads to cross site scripting. It is possible to launc...

CVE-2023-42000

Arcserve UDP prior to 9.2 contains a path traversal vulnerability in com.ca.arcflash.ui.server.servlet.FileHandlingServlet.doUpload. An unauthenticated remote attacker can exploit it to upload arbitrary files to any location on the file system where the UDP agent is installed...

CVE-2022-46603

An issue in Inkdrop v5.4.1 allows attackers to execute arbitrary commands via uploading a crafted markdown file...

CVE-2021-45014

There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms=update=26...