CVE-2026-43989

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the uploadwasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is...

EUVD-2026-23811

A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the file FileTool.java of the component File Upload Endpoint. The manipulation of the argument Type results in path traversal. The attack may be launched remotely. The exploit has...

EUVD-2021-0644

Malware in sbrugna...

EUVD-2006-7115

Malware in sbrugna...

CarrierWave 跨站脚本漏洞

Mshibuya CarrierWave is an upload tool from the Mshibuya Personal Organization in the United States. It provides a simple and extremely flexible way to upload files from Ruby applications. A security vulnerability exists in CarrierWave. An attacker could exploit this vulnerability to perform...

BIT-MOODLE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

CVE-2023-5547 Moodle: xss risk when previewing data in course upload tool

The course upload preview contained an XSS risk for users uploading unsafe data...

CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

CVE-2020-25701

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

Unspecified vulnerability in upload-image-with-ajax

upload-image-with-ajax is an image file upload tool. A security vulnerability exists in upload-image-with-ajax v1.0, which is caused by a logic error in the code. The vulnerability can be exploited to upload arbitrary files to the web root directory and execute code...

[SECURITY] [DSA 3796-2] sitesummary regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3796-2 [email protected] https://www.debian.org/security/ Sebastien Delafond March 20, 2017 https://www.debian.org/security/faq -...

PHP Upload Tool 1.0 - Arbitrary File Upload and Directory Traversal Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/21150/info PHP Upload Tool is prone to an arbitrary file-upload vulnerability and a directory-traversal vulnerability. These issues occur because the application fails to sanitize user-supplied data. An attacker could...

CVE-2006-7133

CVE-2006-7133 describes a directory traversal vulnerability in Upload Tool for PHP 1.0, specifically in upload/bin/download.php. Remote attackers can read arbitrary files by manipulating the filename parameter with “..” sequences or absolute pathnames. The vulnerability affects Upload Tool for PH...

CVE-2006-7133

Directory traversal vulnerability in upload/bin/download.php in Upload Tool for PHP 1.0 allows remote attackers to read arbitrary files via 1 ".." sequences or 2 absolute pathnames in the filename parameter...

PT-2007-1411 · Php · Upload Tool For Php

Name of the Vulnerable Software and Affected Versions: Upload Tool for PHP version 1.0 Description: The issue allows remote attackers to read arbitrary files via directory traversal attacks using ".." sequences or absolute pathnames in the filename parameter of the /upload/bin/download.php API...

PHP Upload Tool 1.0 - Arbitrary File Upload / Directory Traversal

source: https://www.securityfocus.com/bid/21150/info PHP Upload Tool is prone to an arbitrary file-upload vulnerability and a directory-traversal vulnerability. These issues occur because the application fails to sanitize user-supplied data. An attacker could exploit these issues to execute code ...

PHP Upload Tool 1.0 - Arbitrary File Upload Directory Traversal

PHP Upload Tool 1.0 - Arbitrary File Upload Directory Traversal source: https://www.securityfocus.com/bid/21150/info PHP Upload Tool is prone to an arbitrary file-upload vulnerability and a directory-traversal vulnerability. These issues occur because the application fails to sanitize user-suppli...

16 HTTP Upload Tool (download.php) Information Disclosure Vulnerability

No description provided by source. Target: HTTP Upload Tool For PHP 1.0 http://uploadtool.sourceforge.net/ Vulnerability: Information disclosure Description: The download.php file in Upload Tool for PHP neither verifies that a requestor has authenticated, nor performs any sanity checking on the...

HTTP Upload Tool - download.php Information Disclosure

HTTP Upload Tool - download.php Information Disclosure Target: HTTP Upload Tool For PHP 1.0 http://uploadtool.sourceforge.net/ Vulnerability: Information disclosure Description: The download.php file in Upload Tool for PHP neither verifies that a requestor has authenticated, nor performs any sani...

HTTP Upload Tool (download.php) Information Disclosure Vulnerability

No description provided by source. Target: HTTP Upload Tool For PHP 1.0 http://uploadtool.sourceforge.net/ Vulnerability: Information disclosure Description: The download.php file in Upload Tool for PHP neither verifies that a requestor has authenticated, nor performs any sanity checking on the...