12 matches found
EUVD-2018-10148
Malware in sbrugna...
CVE-2024-53568
A stored cross-site scripting XSS vulnerability in the Image Upload section of Volmarg Personal Management System v1.4.65 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the tag parameter...
Personal Management System 安全漏洞
Personal Management System is a web application for managing personal data by Dariusz Personal Developer. A security vulnerability exists in Personal Management System v1.4.65, which stems from the injection of a specially crafted payload into the tag parameter in the Image Upload section, which...
PT-2025-13475 · Undefined · Undefined
Name of the Vulnerable Software and Affected Versions: Volmarg Personal Management System version 1.4.65 Description: A stored cross-site scripting XSS issue in the Image Upload section allows authenticated attackers to execute arbitrary web scripts or HTML by injecting a crafted payload into the...
CVE-2024-5186
A Server-Side Request Forgery SSRF vulnerability exists in the file upload section of imartinez/privategpt version 0.5.0. This vulnerability allows attackers to send crafted requests that could result in unauthorized access to the local network and potentially sensitive information. Specifically,...
CVE-2020-11544
An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via addcars.php. There are no upload restrictions f...
CVE-2020-10596
OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section...
User Management Cross-Site Scripting Vulnerability
User Management is a user manager. A cross-site scripting vulnerability exists in the upload section of User Management version 1.1. A remote attacker can use this vulnerability to inject arbitrary web script or HTML...
CVE-2018-18419
Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI...
Cross site scripting
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the sitename parameter to the admin/settings/update URI...
Cross site scripting
Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI...
Clooud 1.4.0 Shell Upload
======================================================================================================= | Title : Clooud v1.4.0 - Premium Media Sharing Script unrestricted file upload Vulnerability | | Author : indoushka | | email : [email protected] | | Tested on : windows 10 FranASSais...