181 matches found
CVE-2022-23494 Cross-site scripting vulnerability in TinyMCE alerts
tinymce is an open source rich text editor. A cross-site scripting XSS vulnerability was discovered in the alert and confirm dialogs when these dialogs were provided with malicious HTML content. This can occur in plugins that use the alert or confirm dialogs, such as in the image plugin, which...
CVE-2022-36303
Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the handlefileupload function at /web/api/v1/upload/UploadHandler.php...
Vesta Control Panel 跨站脚本漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the body function of UploadHandler.php...
Vesta Control Panel 跨站脚本漏洞
Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from a security issue in the handlefileupload function in UploadHandler.php...
GHSA-WXG6-F773-G2F7 jQuery File Upload Plugin Unrestricted file upload vulnerability
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form formerly Sexy Contact Form before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute...
Raonwiz DEXT5 Editor Arbitrary File Download Vulnerability
Raonwiz DEXT5 Editor is an HTML-based Web editor from the Korean company Raonwiz. A security vulnerability exists in the handler/uploadhandler.jsp file in Raonwiz DEXT5 Editor 3.5.1402961 and earlier versions. An attacker can exploit this vulnerability to download arbitrary files with the help of...
CVE-2020-13894
handler/uploadhandler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field...
Design/Logic Flaw
handler/uploadhandler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field...
CVE-2020-11414
An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the...
DEBIAN-CVE-2019-16217
WordPress before 5.2.3 allows XSS in media uploads because wpajaxuploadattachment is mishandled...
CVE-2016-10756
Kliqqi 3.0.0.5 allows CSRF with resultant Arbitrary File Upload because module.php?module=upload can be used to configure the uploading of .php files, and then modules/upload/uploadmain.php can be used for the upload itself...
CVE-2019-9623
Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code via "!--exec cmd=" in a .shtml file to ckuploadhandler.php...
Feng Office Arbitrary Code Execution Vulnerability
Feng Office is an open source online collaboration system , using the B/S architecture , using php language development . An arbitrary code execution vulnerability exists in Feng Office 3.7.0.5. A remote attacker can exploit this vulnerability by using the "! --exec cmd=" in the...
GHSA-MH7G-99W9-XPJM Remote code execution occurs in Apache Solr
Remote code execution occurs in Apache Solr before versions 5.5.5, 6.6.2 and 7.1.0 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external...
CVE-2017-7351
A SQL injection issue exists in a file upload handler in REDCap 7.x before 7.0.11 via a trailing substring to SendITController:upload...
DEBIAN-CVE-2017-12629
Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML extern...
Pear HTTP_Upload 1.0. 0b3 - arbitrary file upload
Vulnerability description Vulnerability impact: Pear HTTPUpload 1.0. 0b3 Download: https://pear.php.net/manual/en/package.http.http-upload.php Vulnerability type: arbitrary file upload Pear HTTPUpload profile: Pear's HTTPUpload class library provides a good package of html form file upload handle...
Wordpress plugin bordeaux theme upload shell vulnerability
WordPress is a blogging platform developed using the PHP language by the WordPress Software Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An upload vulnerability exists in the WordPress plugin bordeaux theme, which can be exploited by an attacker ...
Wordpress Highlight Premium Theme - CSRF File Upload Vulnerability
No description provided by source. Title : Wordpress Highlight Premium Themes CSRF File Upload Vulnerability Author : DevilScreaM Date : 11/10/2013 - 10 November 2013 Category : Web Applications Type : PHP Vendor : http://themeforest.net Download :...
WordPress Curvo Themes - CSRF File Upload Vulnerability
No description provided by source. . . . \ \ | / \ \ \ | || / \ / / \ / |/ \ / | / \ / / /| | |/ \ \ \ // \ / / | \ /\ / | \ \ \ / \ //\ |\ | /\ // | /|\ / / / / / / / Exploit Title: WordPress Curvo Themes CSRF File Upload Vulnerability Author: Byakuya Date: 10/26/2013 Vendor...