CVE-2025-63994

An arbitrary file upload vulnerability in the /php/UploadHandler.php component of RichFilemanager v2.7.6 allows attackers to execute arbitrary code via uploading a crafted file...

CVE-2025-63994

An arbitrary file upload vulnerability in the /php/UploadHandler.php component of RichFilemanager v2.7.6 allows attackers to execute arbitrary code via uploading a crafted file...

EUVD-2022-39021

Malicious code in bioql PyPI...

CVE-2022-36305

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the body function at /web/api/v1/upload/UploadHandler.php...

CVE-2022-36305

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the body function at /web/api/v1/upload/UploadHandler.php...

CVE-2022-36304

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the generateresponse function at /web/api/v1/upload/UploadHandler.php...

Cross site scripting

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the generateresponse function at /web/api/v1/upload/UploadHandler.php...

Cross site scripting

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the body function at /web/api/v1/upload/UploadHandler.php...

Cross site scripting

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the post function at /web/api/v1/upload/UploadHandler.php...

CVE-2022-36305

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the body function at /web/api/v1/upload/UploadHandler.php...

CVE-2022-36304

CVE-2022-36304 affects Vesta Control Panel (VestaCP) v1.0.0-5. The issue is a cross-site scripting (XSS) flaw in the generate_response function at /web/api/v1/upload/UploadHandler.php. Exploitation requires user interaction; successful payloads could impact confidentiality and integrity (both rat...

CVE-2022-36303

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the handlefileupload function at /web/api/v1/upload/UploadHandler.php...

CVE-2022-34025

Vesta v1.0.0-5 was discovered to contain a cross-site scripting XSS vulnerability via the post function at /web/api/v1/upload/UploadHandler.php...

Vesta Control Panel 跨站脚本漏洞

Vesta Control Panel VestaCP is an open source web hosting control panel. A security vulnerability exists in Vesta Control Panel version v1.0.0-5, which stems from the discovery that the post function via /web/api/v1/upload/UploadHandler.php contains a cross-site scripting XSS vulnerability...

CVE-2021-28379

web/upload/UploadHandler.php in Vesta Control Panel aka VestaCP through 0.9.8-27 and myVesta through 0.9.8-26-39 allows uploads from a different origin...

PanaceaSoft Shell Upload

Exploit Title: PanaceaSoft products Arbitrary File Upload/RCE Google Dork: NA Date: 25/5/2020 Exploit Author: syfi Vendor Homepage: http://www.panacea-soft.com/ Software Link: http://www.panacea-soft.com/ Version: latest Tested on: Ubuntu CVE : NA Vulnerability Description: PanaceaSoft products...

VulnCheck KEV: CVE-2014-8739

Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form formerly Sexy Contact Form before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to...

CVE-2019-12792

A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root...

CVE-2019-12792

A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root...

Command injection

A command injection vulnerability in UploadHandler.php in Vesta Control Panel 0.9.8-24 allows remote attackers to escalate from regular registered users to root...